Post 5 of 7 in "HubSpot CMS Is Better" series.
"They said build your site on WordPress
It's the best known CMS
But just 'cause that's what you're used to
Doesn't mean you've got to live in such a mess"
These are lyrics from the first half of Verse 3 in my parody song, "WordPress Got Ran Over By My HubSpot", which addresses the fact that WordPress IS the most used CMS across the internet, but that in itself is not a good reason to use it.
Is WordPress Really The Most Popular?
Yes, as difficult as it is to admit, WordPress IS the most popular CMS... and has been for many years. The current stats would show that WordPress powers about 43% of all websites, which is a LOT. This does seem to be slowing down in the vast margin that WP has held for so long above other platforms, so I'm sure the day will come where the "most popular" label will be removed.
Now, while our inspiration song and I are certainly fans of HubSpot CMS, it must also be said that no one solution is the solution for everything. There will be scenarios, although few, where HubSpot very well may not be the best route. (You have no idea how hard it was to even type that last sentence). Currently, the one scenario where WordPress definitely has a leg up on a HubSpot CMS solution is if you need a full shopping cart experience. Generally, I would combine HubSpot for the website and then something like Shopify to handle the store. But, if you want everything all in one place, then you can roll with WordPress and WooCommerce, and you've got the whole thing packaged up together.
In years past, there were more scenarios where WordPress still could hold its own over HubSpot. At this point, in my opinion, the previous example is the only such remaining scenario.
If Your Friends Jumped Off A Cliff, Would You?
Many of us have heard this well-known argument from our parents after saying things like "Well, Jimmy is going there! Well, Jimmy has one! Well, Jimmy's parents let him do it!"
As kids, we certainly fight with that feeling of wanting to have and do everything that our friends have and get to do. Unfortunately, that slips into adulthood for some of us. Now, before we get into a counseling session, this "would you also jump off the cliff" question is brought up simply to make a point. And what is that point?
As the song reminds us all, just because it's the most popular... or what you're accustomed to... or what your previous company used... doesn't mean that you have to keep using it.
Just like everything else in life, change is difficult. However, we often find that something is better on the other side of the change and we then get to experience a better scenario than we ever would have if we had bypassed the change. In the midst of this valuable life lesson, let's stay focused on your website. You may have used WordPress for a long time. Or maybe you're just starting, and thought you'd use WordPress because it's the only CMS you were familiar with. Either way, you don't have to live there.
Rescue Units Are Standing By
You can be rescued! You can migrate your website from WordPress to HubSpot CMS and say goodbye to all of the mess that is referenced in this song and experienced daily by anyone running a WP website! Is there a simple one-click solution and your website magically moves to HubSpot? No. BUT, it's not as difficult as you might think.
HubSpot Template Marketplace
HubSpot Marketplace has a large and growing number of themes available that you can quickly get started with to build your site within HubSpot. Many of these themes are even free! We have an incredible theme about to be added to the Marketplace!
Keep in mind that with any HubSpot theme, whatever the target or demo industry it comes with, you can use that theme for anything! The initial target industry is essentially just an example usage of the theme.
Find A Good Partner
It is always recommended to connect with a partner that can help ensure that you have the appropriate HubSpot setup for your needs and can also assist with getting that existing website migrated!
At Hubs Help, we are very experienced with migrating sites to HubSpot and would love to chat with you about how we can help! I have personally migrated a great number of clients off of WordPress and onto HubSpot's Content (CMS) Hub... and the client is always thrilled with their decision!
If you're running a website on WordPress, or some other platform, it's time to stop following the old trends and start moving your website to greener pastures! We'd love to help, but even if it's not us, please just get help. You, and anyone else managing your website, will be glad you did!
How Real of an Issue Is This?
Sophos reports that over 30,000 websites are hacked every day, and as 43% of all websites are built on WordPress, that means about 13,000 WP sites are hit daily. This of course makes it easy to believe that WordPress is by far the most hacked CMS... by a huge margin.
According to Sucuri, 4.3% of WordPress websites scanned with SiteCheck (a website security scanner) in 2022 had been hacked. That's about 1 in every 25 websites... and of course, not all WordPress sites use SiteCheck, so that is not even a complete picture.
What Makes WordPress So Insecure?
Well, it could be due to not getting enough love and attention as a child. Wait, wrong post. There are actually a number of reasons...
Highly Used, Larger Target
As noted above, WordPress is the most used CMS platform and commands a hefty lead in market share. While that lead seems to be showing signs of a slow down (as it should), the fact remains that there is no other CMS at the moment serving as the foundation for more websites than WordPress currently does. That being said, it puts an easy target on its back. A predator wants to go where the eating is good and there are plenty of options to go after. The same goes for a hacker. They're going to take their hacking skillset to where they can exploit the most possible victims and fully take on that Grinch role in this Christmas season.
Insecure Passwords
WordPress is open source, so most people are installing it and setting it up on their own. You have passwords for your MySQL database, your hosting account, and your WordPress admin login account. In many cases, there are multiple admin level accounts! Each of these logins are a potential gateway for a hacker to gain access to your site and cause significant damage, so if your passwords are weak and easily hackable, you're in trouble.
Outdated Plugins, Themes and Software
Entering the discussion, again... third party plugins. So many people proclaim WordPress' greatness due to the vast amount of plugins available. Yet, every issue that we look at with this platform seems to involve these plugins.
Every plugin, theme, or other integrated software that you are using with your WordPress site is another avenue for hackers to take into your website. As vulnerabilities are found (as they regularly are) from plugin to plugin, the developers release updates and security patches. You have to keep up on those to have the best fighting chance at keeping your WP site alive.
Over 92% of security vulnerabilities in WordPress come from third party plugins.
Types of Vulnerabilities
There are many different types of vulnerabilities, like Cross-Site Scripting (XSS), which is the most common on WordPress sites. Another type, which we have to address as our inspiration song notes it specifically, is the SQL Injection. It is one of the other most common hacking methods, and not just for WP sites.
A SQL injection attack is when the hacker sends SQL commands to the database, usually with the intention of retrieving data. WordPress is a database-driven platform, so that is where everything is housed, from page content to user login credentials. If the hacker successfully exploits a SQL injection vulnerability, they will gain unrestricted access to your database and everything that it contains.
From that point, the hacker can execute code, make changes and cause extensive damage to your website.
What about HubSpot CMS?
As we're looking at the HubSpot CMS in comparison to WordPress, how does HubSpot stack up against these type of security concerns? I'm glad you asked.
- No CMS is immune to security issues. Everyone knows that using a MAC over a PC makes you massively less open to security problems on your computer, although some potential issues still remain. You're never completely exempt from security concerns. The same applies when using HubSpot over WordPress. It is light years better and more secure, but nothing is perfect. However, HubSpot has Cloudflare firewall and CDN, 2-factor authentication options for login accounts, built-in security settings to configure (especially on Enterprise portals), and abilities to lock down your content and file structure from spidering. Lots of options to tighten up what is already pretty solid on its own! Learn more about HubSpot security straight from the source.
- HubSpot has all hosting, security and firewalls built in. There is no need to purchase and manage a separate hosting account. No worries about what version of PHP you're running, updating server software, SSL certificates, or setting up separate firewall solutions. HubSpot has it all covered.
- HubSpot doesn't have (or need) a library of 3rd party plugins. Almost everything you could ever need comes with HubSpot by default. A full user-friendly drag-n-drop content editing system, powerful forms, custom emails, SEO, CTAs, reporting, smart content, integrated CRM, content personalization, privacy content controls, and so much more... ready to go. No plugins needed, so the biggest security issue of WordPress is a non-issue on HubSpot!
I have personally migrated a great number of clients off of WordPress and onto HubSpot's CMS Hub... and the client is always thrilled with their decision!
If you're running a website on WordPress, it's time to stop looking over your shoulder and avoiding dark hacker alleys. Get your site on a more secure environment! We can help. Let's chat.