Posted on: August 19, 2024, 9:46 pm
As someone heavily involved in the shared hosting industry for the last 28 years, it’s time for people to stop using WordPress.
The WordPress core seems secure enough, but their open ecosystem of plugins and themes is a disaster that they can’t seem to get under control. Customer sites are constantly attacked and, worse, exploited, making the hosting provider look bad even though the issue lies with WordPress and PHP code exploits. There’s really little shared hosting providers can do from the server side to prevent exploits from poorly coded scripts. This is not new and has been occurring for over a decade.
I could get into site owners being lazy and not updating in a timely manner, but ultimately, WordPress has the responsibility to create and manage a secure ecosystem. That time has passed, and hosting providers are left to clean up their mess. It’s costly.
It’s time to move on from WordPress.