Yes. Keep the real application on a subdomain, and make your marketing website a simple wordpress install. Minimal effort, and works great if you don't care about authorization / integration between the two.
I beg of you, if you use Wordpress, and don’t have some reason you can’t do this:

Use a static site generator plugin for Wordpress, host it completely behind IP restrictions or firewall rules, for only whoever needs to actually update it. The static site plugin will regenerate/update plain HTML files out of your WP instance whenever you tell it to; then it transfers those to your location of choice where they’ll just be hosted statically.

Wordpress is a pile of garbage from a security standpoint and having it exposed to the internet is basically asking to be hacked constantly by spammers and script kiddies. But it is useful as an easy content generation tool anyone can use, and at the cadence most people actually update it, the regeneration compute time is trivial.

> Still, pretty impressive market penetration in a world that now has reliable generative AI and serverless lambda functions with 2 min deploys like Vercel and Netlify.

Huh? What’s the link between generative ai and the need for a wp like tool? Or indeed lambda functions? Does the author think that _everyone_ is using aws?

At one point The New Yorker, with its 90 year archive, was on WordPress.

It only moved off that because Conde Nast (parent company) had their own CMS and wanted to unify what all their brands used.

Many publishers (large and small) use it quite reliably at an enterprise level.

Recently tried Wordpress again, thinking maybe it has matured.

Terrible idea, terrible platform. For example, you want metadata on posts, you install ACF. You want to filter on that metadata, good luck if it's over a couple filters simultaneously, the SQL queries will time out. You're guaranteed to need different tweaks that get dumped into a scripts file, feels like patterns from 20 years ago. There are some people trying to untangle the Wordpress trash pile by refactoring and bolting Laravel onto it[1], but every layer is just a nightmare; the authors of different parts can barely assess why things randomly break.

You might find WP appealing for the plugin ecosystem, but the plugins are completely random in implementation, so you're likely to get a bloated scramble of CSS and JS pushed to your users.

I moved to Directus and Astro, but I would probably use a Laravel-based CMS like October or Statamic for more generalized PHP deployment.

[1]: https://roots.io/

This seems like a bit of the perennially-linked "Choose Boring Technology" bit. Your corporate landing page/blog is unlikely to need anything fancy. This is true especially if you aren't in tech, while the article focuses on YC startups, so a tech subset of (or subset of tech) startups. The categories listed do seem most likely to be cases where there isn't much need for anything fancy on the website front.
I'm certain there are still endless amounts of little lifestyle businesses out there doing a few million in revenue on the same WP installation they've been configuring since 2011. I know because I built them back then and literally nothing has actually changed. I honestly can't say I'd reccomend anything else to someone intent on self hosting even today.
I don't. I dropped Wordpress years ago, because I got tired of dealing with all of the security problems.
Yes we do in (both) my startups. And I know a friend who does too. Interestingly we’re actually coming back to WP after a time w/o it!
Wordpress has value in its ability to get a site up very quickly. If I, one person, want to, I can get a pretty professional site up in a day. That's a powerful. I can then come back to it later and improve it given my needs. Startups are all about limited resources and Wordpress is a good tool to use. What's a better alternative?
I used WordPress at my last job. We don't at my new job and I miss it terribly.
we were looking at this the other day while trying to assess what the standard tools are for ecommerce these days. We were using google trends.

There is still a lot of interest in wordpress, compared to say joomla which had its day in the sun but is now on the way out. However there seems to be a big move towards people using more SAAS (e.g. your broucure site being instagram) and less maintaining your own kit.

Also anecdote: my sax repair guy is moving off woocommerce onto an offering provided by his PoS vendor. PoS integration is also quite common - a local non profit I'm involved in also does this.

Does anyone use Headless Wordpress here?

It's been quiet since they launched that, and I've never used it but it sounds like a good option for those who never really learned PHP

Any tech that lasts this long has some serious mojo.

Was checking out the SSG scene and with the exception of a couple of gems its a loud, confused buzzword cacophony screaming for attention.

WordPress is great for finding site and hosting/config vulnerabilities, which you can fix and then delete WordPress. it's like outsourcing for free a bug bounty.
We use it:



Just as two examples

Why wouldn’t you? Great platform to get a site up and running quickly.


Yes, it's usually a one-click install and comes with an easy way to switch between themes, can give access to others to write content (editors) and you can easily get extra goodies on the same installation like contact forms, newsletters, reservation systems, e-commerce, etc.
WordPress is dominant because it's the Lingua Franca of the web design world. Despite PHP sucking, WordPress is well known by everyone in the industry and competitors - even with far superior technology - have an impossible task disrupting something with such platform dominance.

For comparison, Microsoft Windows still holds about 75% market share, a figure that has barely budged in the last five years, despite Apple making major inroads.


Quite a few do - here is databricks https://www.databricks.com/
Its a good honeypot.
I don't mind WordPress. My company doesn't use it for its marketing sites though, prefers larger more monolithic enterprise options. But it's not a startup either. From what I heard WordPress was not favored because maintenance was difficult (plugins, vulnerabilities, upgrades) and also there was uncertainty about gpl. A while ago some startups I worked were using webflow and instapage for their marketing sites.
I've noticed some which only offer an app use WP for their basic web presence/brand landing page.
No, not since around 2017. I personally use Jekyll now for all my startup-y websites.
Anybody use ghost? How do you find that?
The article misspells the product
WordPress? That's too simple. We use a static webpage, served up through kubernetes.
for my company we still see it in use after all these years and countless security incidents because it's just left there. I could not personally ever imagine wanting to install that and thinking it's a good thing.

Recently I have had to help restore one that was completely infected, before we acquired the business. The amount of BS that still is exactly the same as it was the last time i was forced to manage WP in the early 2000's is insane. I get the draw, I just don't agree with it and would never openly advocate for it to be considered.

Every reason to not use it can be excused if you want to make an excuse for it or do something different with it, but at the end of the day it's dated and offers more headache and pain than any usefulness of it as a tool in hosting a site.

Here's some of my bug A boos...

- Doesn't scale

- Wants open permissions on files

- Wants you to use plugins

- Exposes services it doesn't need to expose

- Hardcode's FQDN in links and resources, and everything it can

- Defaults to be the dumbest install settings to make it "easy" for everyone

- Debugging is still a nightmare

- Logging is not consistent

- Maintains state on a machine, preventing you from scaling or high availability

- Codebase has no real framework to extend and use, preference on adding your own bad code to it in order to make it work.

- Does not work well with CI/CD automations

- Is a huge target of vulnerability scanners

- Page updates use a huge post size that is expensive to inspect w/firewall

- Making changes can and will take your site down

- Lets you modify a template file from the gui, but only the first directory level, making you still need to push changes to underlying files in a template.

- Performance is a joke

- Problem with a plugin can crash the full site

- SQL injection is still a significant problem

again, i know someone can rationalize them all away; you are putting in a ton of work that you could have done otherwise with a better solution and not have the ongoing limitations and nightmare associated with it. If you run it, you should consider it to already be hacked and move accordingly.

Often times i hear the argument, well there's nothing i need on there so it's not a security risk...i think your customers would dissagree when they start getting infected with crypto miners, clicking affilitate links that aren't yours, linking to malware, viewing content you didn't add, downloading files that are dangerous, using your hacked system to attack others, and on and on.

edit: format