Today's Web is Tedious

SHARE

Today's Web is Tedious

SHARE

- 5 min to read

Today's Web is Tedious

35% out of about 1,860 billion websites available on the internet are using either Wordpress, Joomla or Drupal. Most popular options are not necessarily the best. Get yourself ready for the change coming just around the corner.

By Denis Kostrzewa

Over 35% out of about 1,860 billion websites available on the internet are using either Wordpress, Joomla, or Drupal what gives the number of 651 million websites.

The Catch

For almost two years, 2.8 million websites built on Joomla were susceptible to a dangerous SQL injection. The bug has been patched by Joomla with 3.4.5 version 2 days after the release there was a step-by-step tutorial on Youtube on how to exploit Joomla >3.4.5. What if you didn't update your website immediately after the release?

Based on research made by WP White Security around 73% of the most popular WordPress installations can be hacked. To find out which can be, you can use free automated tools.

newsletter abstract background

Get EXCLUSIVE web development case studies in your mailbox!

Sign up for our Jamstack newsletter!

Drupal also found its place in the ungrateful history of CMS exploits. According to Drupal announcement from 29th October 2014: "You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11 pm UTC, that is 7 hours after the announcement." What if you didn't act that fast?

Taking into account all of the above factors you should always update your CMS to sleep peacefully at night. Sounds pretty exhausting, especially if you're using a plethora of add-ons. Well, chances are you're using a plethora of add-ons.8

Fortunately for people who don't want to mess with all the updates (like me and the rest of Bejamas team), there are plenty of great Static Site Generator projects, which are, by the way, open-source.

The Rise of Static Site Generators

Static Site Generators aka. Static Site Engines are definitely not an ephemeral novelty. They've been around quite a while, but nobody really paid attention to them as it takes place right now. The first known SSG is called tclog and has been written in Tcl/Tk. The first release took place in 2003. You can check this project out here.

The idea behind Static Site Engines is pretty simple, yet powerful: take dynamic content and build it into raw HTML/CSS/Javascript files, then deploy them as static files to the server. No server horsepower is needed, which takes us to the first of many advantages of this approach.

Hosting Cost & Scaling

Hence the website is always completely built on your production machine when you use a Static Site Generator the only thing you have to pay for is basically the storage space. If you're not tech-savvy, please let me explain it to you shortly:

When you build your website on a production machine and serve the raw files on your hosting they're ready to view - basically nothing happens on the server-side. If someone's visiting your website he's seeing the files as they were built on your machine, nothing's being built on the server.

On the other side, things are getting a bit more sophisticated when you consider how a dynamic site, build on WordPress, Joomla, etc. works. When a visitor hits your website the server-side script is being run. A server-side script's querying one or many databases to get data (content), which have to be displayed to the visitor. Data is being passed to the template engine and the template engine sets up the HTML file which is then seen by the visitor. Now multiply that process by hundreds or thousands of visitors who have the interest to get your website's content. Sounds laborious. Sounds pricey.

I think the conclusion here is plain and simple: going static means being better prepared to handle large amounts of web traffic compared to dynamic websites, it also consumes a small fraction of server horsepower.

Performance

In the age of impatience and information overload, each millisecond of your website loading time is literally equal to a certain amount of dollars. I'm dead serious. Based on research made by www.hobo-web.co.uk if your website is loading for 4 seconds or more it'll cause more than 25% of visitors to abandon viewing it.

If you read my quick explanation above where I described the differences between hosting a static site and a dynamic one you probably can get to this conclusion yourself: static eats dynamic when it comes down to performance. Period. But wait! You won't show us any research to make your thesis more credible!? Hey, of course, I do! Follow me.

At the end of 2016, https://gettingthingstech.com moved from their WordPress platform to Hugo. Part of their motivation was to improve page load performance. They measured, of course, the page loading speed on WordPress and after moving to Hugo and made a great comparison.11 In this case, they've shortened the time server needs to send the HTML to the user from about 2.5 seconds to 0.3 seconds (it's pretty tough to say precisely watching this chart, what you can say with no doubt though is that the difference is tremendous).

At the time they changed their hosting provider, so it has an impact on the time as well.

Here another example of a simple comparison between a static site generated with Jekyll and a WordPress one: https://bradonomics.com/jekyll-wordpress-speed/ Loading time improved by about 164%.

Security

As I've already described in The Catch section of this post - you're exposed to several threats if you'll go with ‘the standard CMS way'. On the other side, what can possibly go wrong if you just serve flat HTML files with CSS and JavaScript? You don't have any database which can be a victim of SQL injection. Everything's static & safe so you don't have to care much about the security of your website.

Auto-Backup & Version Control

Guess what you have to do to backup your WordPress site? Bingo! Install another add-on.

Remember, keep at least three backups on file, just in case one is corrupted or lost, and store them in different places and on different mediums, like CD, DVD, different hard drives, etc.

You have to remember to take the backup manually once in a while. If your database is full of statistics from WordPress plugins (because, as I wrote above, chances are your theme is packed with a lot of plugins) you've to choose only those tables which you want to backup. Well, that sounds like a lot of work. You can do all that, but you still don't have control over each version of your site. To gain it you'll have to backup your site each time you're making changes. Have fun.

With the emergence of Git-based distributed revision control systems as f.e. Bitbucket or Github this is not an issue anymore. Each time you commit & push new changes to your site the previous version is backed up automatically! It takes literally one line of code in your terminal to get back to the previous version. How cool is that! And, just so you know, with Netlify and BitBucket it's totally free.

Pros and cons

I'm not trying to say in this post that there are no pros of using WP/Joomla/Drupal or similar solutions. It's obviously easier to set everything up, at least in the beginning, but you'll probably struggle with this setup as you go further.

On the other side, if you want to go static and your website isn't a one-page you'll probably have to hire a professional who has the technical knowledge. You would have to do it anyway even with a WordPress site if you're thinking seriously about it, wouldn't you?

I just wanted to underline in this post that there are a lot better options available and, honestly, everyone suggests WordPress because it's the most popular, not the best, option.

Hey, hold on a second!

You didn’t mention anything about managing content or adding posts on a static site! Is it even possible?

Yup static site doesn’t mean static content. Read more about CMS + Static Site Generators setup in our next posts.

Stay tuned!

We can help you make use of modern web development tools to make your website and your business faster, safer, and more reliable.

Wanna know how? CLICK HERE to schedule a 1-on-1 talk to learn more about what we can do for you and your business.

Share

Written by

Denis Kostrzewa

Technology Enthusiast, lover of any kind of music. I like meeting new people, marinated tofu and building stuff from nothing. Not necessarily in that order.