Client education is all in a day’s work for web developers and designers; often, it’s part of the pitching process.
Some clients don’t care how we build their sites, as long as we build them well. Others, however, know just enough to be dangerous – they want the details and are skeptical of WordPress. Worse yet, some think less of developers who use WordPress.
As WordPress professionals, we know why our favorite CMS works for so many projects; however, we internalize so much knowledge in our day-to-day work that it can be difficult to communicate why we feel what we feel. With that in mind, here are nine objections to WordPress an uninformed client might raise, along with the information you need to counter them.
- 1 Objection 1: Isn’t WordPress Just for Blogs?
- 2 Objection 2: WordPress Is Just for Personal Sites and Small Businesses, Right?
- 3 Objection 3: Won’t WordPress Negatively Affect SEO?
- 4 Objection 4: I’ve Heard That WordPress is “Responsive.” I Don’t Know/Care About That.
- 5 Objection 5: WordPress Isn’t Secure!
- 6 Objection 6: A Software Package This Good Can’t Possibly Be Free. What’s the Catch?
- 7 Objection 7: So If It’s Coded and Maintained by a Bunch of Volunteers and Some Employees, How Good Can It Really Be?
- 8 Objection 8: You ‘Specialize’ in WordPress Development, So It Will Cost Me More, Won’t It?
- 9 Objection 9: Real Developers Hand-Code.
- 10 Use These Tools to Keep Frequently Used Responses Handy
- 11 Send Still-Skeptical Clients to Reliable Sources of More Information
Objection 1: Isn’t WordPress Just for Blogs?
Dear client,
You may be confusing WordPress (the open-source software package, found at WordPress.org) with WordPress.com. The former is a fully-fledged software package while the latter is a service that hosts personal websites in much the same way as Blogger, Tumblr and other such managed offerings.
WordPress began as a personal publishing system back in 2001, but by 2008 or so had evolved into a complete content management system.
It’s installed on your own server (or that of your hosting service). You own everything that’s created there and have full, unlimited creative freedom.
Furthermore, WordPress is built using widely used, fully tested programming languages including PHP and SQL, and can accomplish just about any task asked of a website. It’s eminently extensible with a vast and growing library of plugins – around 40,000 in the WordPress repository alone! Many plugins are free, which means you can get the site you want faster and at a lower cost than if it were hand-coded from scratch.
You’re not limited to preexisting ‘themes’ (i.e. designs) either. Developers often use these merely as starting points so that they can create unique designs without having to reinvent the proverbial wheel.
Sincerely,
Patient WordPresser
Objection 2: WordPress Is Just for Personal Sites and Small Businesses, Right?
Dear client,
WordPress is used by some of the most widely recognized brands in the world such as CNN, CBS New York, Harvard Business Review, Boise State University, New York Times, Dole, Glad, Mercedes-Benz and Vogue. Boom.
Think of it this way: If WordPress is good enough for the Library of Congress, government sites in the U.S. and Great Britain, and the U.S. military, it’s probably robust enough for your needs, too.
As of August 2015, WordPress powers nearly one in four sites on the Web – and of all sites that use a CMS, WordPress is the choice of more than 80%. In 2014, WordPress remained the fastest-growing CMS for the fifth year straight.
Sincerely,
Reassuring WordPresser
Objection 3: Won’t WordPress Negatively Affect SEO?
Dear client,
On the contrary, WordPress is an SEO powerhouse coded to be SEO-friendly “right out of the box.” It supports a wide variety of plugins that help developers fine-tune every aspect of SEO.
Google’s latest algorithm puts fresh, original content in the spotlight – and at the top of search result pages. WordPress makes adding content easy for you and your staff, if you’d like to do it on your own.
Sincerely,
SEO-aware WordPresser
Objection 4: I’ve Heard That WordPress is “Responsive.” I Don’t Know/Care About That.
Dear client,
You should! A “responsive site” means that it’s built to perform well across all devices used to access the Web. Think you need a site that looks good only on desktop computers? Think again. More people now access the Web on mobile devices than on desktops.
Responsive sites are better for SEO. Google’s latest ranking methodology gives props to sites that perform well on mobile devices. You reach more people on more devices, and score higher in Google searches, thus adding reach and credibility to your brand.
WordPress helps with all this by supporting responsive themes – and if a given theme is not mobile-friendly, WordPress enables developers to change that without trashing the site. Like a boss.
Sincerely,
Slightly exasperated WordPresser
Objection 5: WordPress Isn’t Secure!
Dear client,
Au contraire!
The company behind WordPress, Automattic, employs a security team consisting of 25+ experts whose only job is to make sure the WordPress core is safe from attacks such as injections, viruses, etc. They even have a Security Czar, Nikolay Bachiyski, who really knows his stuff.
Sincerely,
Security-conscious WordPresser
Objection 6: A Software Package This Good Can’t Possibly Be Free. What’s the Catch?
Dear client,
There isn’t any. Really. WordPress (and its updates) are open-source, which means you are free to use the software any way you like. And unlike sites hosted on WordPress.com, you have complete creative and functional freedom. If it can be coded, it’s okay to do.
A worldwide team of developers is constantly improving and rigorously testing WordPress. Some are employees of Automattic (the company behind WordPress), while others do it simply to contribute to the very active, supportive WordPress community. Updates are released regularly at no charge whatsoever.
The WordPress software package is licensed under the GNU General Public License (GPL), meaning that anyone can use, copy and distribute the software itself. (Don’t worry: You have full copyright to the styling and content you add.)
Sincerely,
Reassuring WordPresser
Objection 7: So If It’s Coded and Maintained by a Bunch of Volunteers and Some Employees, How Good Can It Really Be?
Dear client,
Very.
The WordPress community comprises top-notch coders, testers and other contributors. Unlike software that’s marketed by a single company and developed and maintained by a single team, WordPress has thousands of talented, dedicated folks behind it. Updates, fixes and improvements come at a steady pace.
WordPress meets all guidelines of the World Wide Web Consortium, an international community that aims to develop across-the-Web standards for coding.
WordPress also follows best practices as laid out by Google, Bing and Yahoo.
It works in all modern browsers. Firefox, Chrome, Safari, Opera and other browsers (particularly Internet Explorer) have their individual quirks, which websites coded “by hand” must address. That means more time (and therefore more money) is required to cover the reworking and testing needed to make sure your website displays properly no matter what browser a visitor uses. On the other hand, browser compatibility is baked right into WordPress. Sure, if your developer makes extensive changes and customizations, he’ll need to make sure those changes work across all browsers.
Sincerely,
Confident WordPresser
Objection 8: You ‘Specialize’ in WordPress Development, So It Will Cost Me More, Won’t It?
Dear client,
Quite the opposite in fact.
WordPress gives a developer all the basics, so he doesn’t have to create them anew each time, and it’s ready to be customized to your liking.
If you’re the least bit computer-savvy, you can add and style posts easily without paying for a developer’s time. And if a developer goes AWOL, another can pick up where she left off.
Not bad, eh?
Sincerely,
Slightly jaded WordPresser
Objection 9: Real Developers Hand-Code.
Dear client,
Really?!
All developers – regardless of their approaches to designing and developing your site – must be proficient in, at a minimum, HTML and CSS. Most also know some JavaScript (and its related libraries, such as JQuery). WordPress developers, however, need to know the intricacies of PHP and have at least a decent familiarity with SQL, and they must know the architecture and coding specific to WordPress to boot.
Long story short, the skillsets of WordPress and traditional developers complement and overlap each other, and WordPress developers are no less professional than any others. The difference? The latter don’t start every project with a blank screen. Instead, they begin with tested, proven, widely used and well-coded framework that’s already done a lot of the heavy lifting.
Sounds smart, doesn’t it?
Sincerely,
Keeping-cool WordPresser
Use These Tools to Keep Frequently Used Responses Handy
As anyone who works on or with the Web (or anywhere, for that matter!) knows, the right tool for the job can make an enormous difference in productivity and convenience. In true WordPress fashion, stop writing the same things over and over again; instead, use these tools to find the snippet you need quickly and simply cut and paste into an email.
- Evernote. Create a notebook titled “Client Response Snippets” or something else you’ll recognize easily. Then, create a note for each of the nine points above and paste the responses into the relevant notes. Don’t forget to tag your notes to make retrieval easy.
- WeeNudge.com. This collection of snippets isn’t specific to WordPress, but they can be very useful when explaining general design concepts and strategies to clients.
- Use a plugin such as WordPress Notes, which enables you to add your snippets right on the WordPress Dashboard for quick access. Check out the WordPress repository for many more.
Send Still-Skeptical Clients to Reliable Sources of More Information
If your client is still unconvinced, here are a few links to send him:
- WordPress.org’s showcase, where your client will find many recognizable brands
- 35 Reasons a WordPress Site Is Better Than a Traditional Site
- 14 Surprising Statistics About WordPress Usage
- WordPress Market Usage Statistics
- How WordPress makes money
Unfortunately, WordPress is still sometimes vastly misunderstood. As with most problems, information is your best ally. When your client thinks that WordPress is a word-processing program, use this cheat sheet to tell him about its versatility, wide usage by brand heavyweights, SEO friendliness, security, technical excellence and value…or simply share this article 😉
Have your clients ever balked at the idea of using WordPress for their sites? How did you handle it? Tell us in the comments below!
Image credit: Max Griboedov/shutterstock.com
I’m running a personal ecommerce on wordpress via woocommerce, and everything running quite as I expected to be. Just to say, custom post type/taxonomy/meta box and the relations between it that you can achieve.
The flexiblity of wordpress is what i love must about it. I have a real estate website and later switched over to wordpress.
But the problem i am having now is how to migrate and redirect my old website to the new one as the old website owners is trying to frustrate and prevent me from leaving.
What annoys me must is the old website is doing great on searching engines and averaging 15,000 unigue a month.
I always enjoy reading posts on this blog. However, I am very surprised by some of the content in this one. Considering the organisation sells cutting edge software, I can’t believe the wording is so 90’s! You keep stating he or his, except once where you use ‘she’ in #8 in an example of being left in the lurch, seriously! Come on Elegant Themes, I thought you were more globally educated and respectful than that. From, female WordPresser!
I’ve noticed that my hosting BlueHost (not trying to plug…) company has upgraded their hosting packages to making available “premium WordPress” hosting, dedicated, secure, and updated automatically (unless you deactivate). The whole intention is keeping things secure. So in the case of #5 I really think that the hosting side are waking up and doing their part as well. I haven’t seen this with too many hosting sites as of yet.
About 5 years ago, I just turned off all of my “leave a comment” capabilities, and that put an end to all of my problems back then. Akismet helps too, I am going to look into what Atei and Andrew said as well, thank you!
The explanation for number 5 is super weak. If you keep the core and plugins up to date most of the script kiddes can’t get in. That being said you can do much more. Hiding your default admin URL is super important. Install a firewall plugin like NinjaFirewall. The plug-in Block Bad Queries (BBQ) helps protect WordPress against malicious URL requests. Itheme Security hardens all kinds of stuff. Also, get daily backups squared away with Duplicator or Backup Buddy. You host also has a HUGE impact on your sites security. Firehost looks interesting. Stop username enumeration with this plugin https://wordpress.org/plugins/stop-user-enumeration/. Here’s a great list at Github https://github.com/wpscanteam/wpscan/wiki/WordPress-Security-Tips. WordPress is a target for the script kiddies because its so damn popular. It’s a cat and mouse game that never ends. What do you expect, there are over 70 million WP sites on the grid. Joomla gets hacked too but who cares… nobody uses it. Best wishes…
It’s true that many people think of WordPress primarily as a CMS used primarily for blogs. But compared to other CMSes WordPress is most flexible CMS ever. Creating a website in WordPress is a child’s play.
Today a lot many websites are based on WordPress because of its plethoras of features. It is compatible with thousands of plugins and themes which in turn gives you a power-packed functionality.
Is this serious? WordPress the best CMS? It is so far from being a working CMS it is not funny.
Problem is that most of the clients have a fixation for a specific CMS and no matter how hard you may try, they will never change their stance.
I Agree with Tomasz totally. WP is targeted because of its popularity and nothing can stop it. One need to keep himself updated. its like Ms Windows Desktop which is popular and targeted the most.
But i also I agree with Ed Dogan, #5 didn’t quite convince me though..
I would say rather.
If you stick to most popular practices , plugins and themes, change of hack/cracking are very very low.
Also keep noted that WP keeps updating Security patches ASAP, as its most poplar one. and the new WP has feature of auto update for its core code.
Thanks for this article, you can apply it to all of CMS not only wordpress. As to security, frankly speaking there is no secure CMS. WP is targeted because of its popularity and nothing can stop it.
Thank you very much for this clarification. Hope I can use it as a resource point on m site?
Regards
I host a number of websites on my server and by far, WordPress causes the majority of the headaches. It seems the core security team has really lost touch with the average WP user and smaller properties that don’t span across dozens of servers.
Good hosting can help thwart a lot of security issues but it takes time to setup. And that doesn’t help with maintaining core and plugin updates. That’s true of any CMS but with WordPress’ market share, it’s a sure bet that you’ll get attacked at some point.
One of my beefs is core has been vehemently against basic security obfuscation techniques like changing the admin entry point (from /wp-admin/ to something else) and limiting login attempts, feeling the former is security by obscurity (only half true) and that blocking users causes more problems than it solves.
In realty, I don’t think they understand that botnets changing IP addresses (to thwart blocking logins) aren’t generally my problem, it’s automated script kiddies trying to brute force passwords and taking up server resources while they do it.
As soon as they recognize you’re running WP, here comes the barrage of automated tests. By limiting login attempts and changing the default entry point, that eliminates the majority of drive-by attacks, things that other CMS like Craft—my new favorite CMS—have built in by default. Most browsers save passwords now; there’s no excuse to let someone keep trying to login.
I agree with Ed Dogan… Security is the #1 issue and doesn’t go away because a security team is working on it. Every week (or day) I have plugins & themes to update to thwart security vulnerabilities (not to mention core updates). Yesterday Wordfence prevented over 50 hacker login attempts (from Ukraine, Russia, France and other locations) just on one of my sites. A few days earlier, I had over 150 hack attempts on another site.
Because of security issues, WordPress sites require much more time to manage than standard HTML sites.
Last week I updated a theme and plugins including Visual Composer on one of the sites I manage and the VC Carousel stopped working (was showing client logos along the bottom of the page). I spent hours troubleshooting this one issue.
HTML sites are more of a “set it and forget it” solution for smaller static sites. They take almost zero time to manage.
With that said, I am a WP believer and recommend 95% of the time to clients. Easier to setup, easier to add cool features, easier for a client to add content, easier SEO. But… I have to charge more for routine maintenance – mainly due to security threats. WP sites are the most hacked sites.
Thanks for the article and good points made.
I host a number of websites on my server and by far, WordPress causes the majority of the headaches. It seems the core security team has really lost touch with the average WP user and smaller properties that don’t span across dozens of servers.
Good hosting can help thwart a lot of security issues but it takes time to setup. And that doesn’t help with maintaining core and plugin updates. That’s true of any CMS but with WordPress’ market share, it’s a sure bet that you’ll get attacked at some point.
One of my beefs is core has been vehemently against basic security obfuscation techniques like changing the admin entry point (from /wp-admin/ to something else) and limiting login attempts, feeling the former is security by obscurity (only half true) and that blocking users causes more problems than it solves.
In realty, I don’t think they understand that botnets changing IP addresses (to thwart blocking logins) aren’t generally my problem, it’s automated script kiddies trying to brute force passwords and taking up server resources while they do it.
As soon as they recognize you’re running WP, here comes the barrage of automated tests. By limiting login attempts and changing the default entry point, that eliminates the majority of drive-by attacks, things that other CMS like Craft—my new favorite CMS—have built in by default. Most browsers save passwords now; there’s no excuse to let someone keep trying to login.
I absolutely agree with you Bob. WordPress is such a headache to maintain. Managing routine maintenance on my 12+ wordpress sites has now become a chore with the constant updates that are required for plugins, themes and wordpress core. I want to hand back the maintenance to my clients but I fear they will not have enough expertise to cope with any update issues that will occur. I recently updated Woocommerce and needed to get support as the product display was not working correctly which could have been either a theme or plugin issue. The interim solution was to adjust some css. My clients are not experienced enough to work this through. For those clients that do not require an actual CMS, I am looking at going back to developing HTML/CSS sites.
Hi Grace!
Agree with Atei. ManageWP has changed the way I manage multiple WordPress sites and has provided me a new revenue stream by being able to provide security scans, backups, ongoing management, and more! ManageWP is reasonable for small business and a real time saver. No affiliation with ManageWP, just a treat to use the service. Hopefully this will help you with time management :).
It looks like those complaining about managing multiple sites are not aware of WordPress management plugins and services like ManageWP and Infinite WP. Infinte WP is free and you can host it on your server to manage an infinite amount of sites. From bulk updating plugins, themes and backups. I have over 30 WordPress sites and have no issues managing them.
No doubt wordpress the out of the box best CMS available right now. You can easily find a good theme developer as well plugin developer as per your needs.
Thanks for your effort
I really like the style of this post Tom, thanks.
#5 didn’t quite convince me though.
I absolutely agree. STEALRAT (see description of this darn spambot online) is giving me serious headache and even with tools like Wordfence I have to check every single day if something wrong is going on without notice.
one of our server (and all the customers relying on it) has been put on a ban list several times and I spent A LOT of time to fix the damage, setting PHP security at a higher level
Hi There,
I think everyone could rethink the security issue, I think wordpress it´s pretty safe if you follow the standards of wordpress coding. Also, please visit https://ithemes.com/security/ and you will see how secure it can be with one, only one plugin.. check it out.
Nice post!
Exactly! That’s the key issue I have with WordPress – security. My sites were compromised some weeks ago and fixing them was a lot of headache. I’ve fixed three and have three to go. I found myself thinking something like: WordPress is the best CMS until your website gets hacked or taken down by the host due to injection of malicious files. This is a brilliant and very useful piece all the same. Thanks for the great work.
Philip, most often the issue with sites getting hacked is that users use a password that’s not very secure. The other issue is that many haven’t been taught how to manage their site…updating plugins and WordPress core files, mostly. Yet another issue is that they tend to gravitate toward budget-friendly hosting which offer minimal built-in security, if any at all and have to rely on security plugins that don’t get updated on a regular basis. I use a premium web hosting company to host over 50 WordPress sites. Never had an issue.