We had way too many plugins...

"We had way too many plugins 
I said some have got to go 
There’s just way too much to update 
And it’s made website much more vulnerable"

These are lyrics from Verse 1 in the song, "WordPress Got Ran Over By My HubSpot", which highlights one of the most common struggles with WordPress... plugins. Some will sell WordPress as being a good solution because of the vast plugin library that exists. While it IS true that there are thousands of plugins that you can use, there are many problems that come with this scenario.

First, you can't really use WordPress without tapping into plugins as core WordPress is basically a blog platform. If you want to do anything remotely custom or functional with your site, you will have no choice but to grab a pretty extensive list of plugins. You'll need plugins to handle forms and SEO, at a minimum, and then if you want any type of user-friendly content editor solution, you have to install very heavy plugin solutions. While they can make content editing more flexible and give you many built-in options, you not only pay the license fee for the plugin, but you pay the price in site performance as it carries all of that extra weight.

The main problem with plugins is that they are 3rd party solutions that in most cases do not even work. There is no validation from WordPress that the plugins are a quality solution, are secure, or work correctly. With every plugin that you install, you're taking a chance. Will it really work with your version of WordPress, or your version of PHP, or alongside of your other plugins?? There's only one way to find out! I hope you made a backup before you tried to install that plugin! Then, once you have your set of 20-30 plugins (some sites have many more), you now have the ongoing task of updating them. Some you can update with one click. Some you can not. And if you happen to customize the plugin, updating then becomes are real chore as you update manually to keep your customizations in play.... while praying that they still work when you're done.

Dealing with conflicts

As stated a moment ago, your new plugin is going to have to play nice with WordPress, with your server, and with all of your other plugins. If it doesn't, a very common scenario is a fatal error where your site suddenly displays nothing but an empty white screen... unless you have error reporting on, and then you get your errors displayed on that pretty white screen. 

Now, this will not tell you where the conflict actually is. So you begin an internal investigation to determine where the conflict exists and what is causing it. Once you discover the problem, you then have to sort out how to fix it. You will likely end up in a tech support scenario with a plugin developer, your hosting provider, or digging through the interwebs trying to find a solution.

All of the time you spend updating plugins, updating WordPress, dealing with server changes, logging support tickets... none of this is advancing your business. You're not usually even adding anything new to your website. You're just keeping your website afloat. Keeping the lights on. Living to see another day.

Much more vulnerable

As the song says, all of these plugins make your website that much more vulnerable to security threats. Every plugin is a new vulnerability... a new doorway into your site or server. You already have to keep your server and core WordPress updated with a continuous stream of patches and updates. Now, you have to do the same with all of your plugins... assuming that all of those developers actually stay on top of things and provide updates for their plugins. Some developers will, but most will not.

One of the biggest issues with a WordPress website is security. You don't have to dig very far to find tons of posts and articles about security problems, hacked websites, etc. I always say it's not IF your WordPress site gets hacked, it's WHEN it gets hacked.

What about HubSpot CMS?

As we're looking at the HubSpot CMS in comparison to WordPress, how does HubSpot handle all of these plugin and security issues? I'm glad you asked.

1. HubSpot doesn't have (or need) a library of 3rd party plugins. Almost everything you could ever need comes with HubSpot by default. A full user-friendly drag-n-drop content editing system, powerful forms, custom emails, SEO, CTAs, reporting, smart content, integrated CRM, content personalization, privacy content controls, and so much more... ready to go. No plugins needed.
2. HubSpot does have both an App marketplace and a Template/Module marketplace. These give you access to 3rd party integrations or prebuilt themes to build your site with. However, not just anything can be loaded into the marketplace. There is automatic validation on HubSpot's side to ensure everything that is expected and required on the code side is correct and in place. Plus, there is a manual approval process to ensure that a quality product is being added.
3. HubSpot has built-in hosting so you do not need to pay for or manage any other hosting solution. The hosting, SSL certificate and Cloudflare CDN and firewall is all part of the package! With WordPress, each of those items are an additional expense to your "free" CMS solution. Everything on this side of your website is handled by HubSpot, leaving nothing for you to worry about. And their stated 99.9% uptime is actually true. 

I have personally migrated a great number of clients off of WordPress and onto HubSpot's CMS Hub... and I can honestly say that I have NEVER had a scenario where a client regretted that decision. Usually, they just end up mad at themselves for not pulling that trigger sooner.

If you're running a website on WordPress, it's time to correct that. We can help. Let's chat.