Yes, if you constantly update your installation, which is the exact opposite of what this blog post is about. Otherwise you run a pretty good risk of your installation being hijacked, overtaken by spam bots or similar after a few years.
Yep. I run a few WordPress sites and the amount of maintenance with them is crazy. The plugin model makes maintenance brutal too since it's all independent devs with different release cycles, testing practices, etc.
Following the philosophy of simple hosting + MD outlined in the OP then the WP equivalent would be something like a simple (official twenty*, or your own custom) WP theme with zero (or minimal amount of) plugins. Enable auto-updates on WP and you're done.
The more plugins you use, the faster entropy kicks in without maintenance.
Agreed, if you stick with the twenty* themes and keep it simple, you can get pretty far with very little maintenance.
For simple sites, especially where we don't do comments, I've started using Simply Static though to just generate pre-rendered pages. All the benefits of static site builder with all the conveniences of a CMS.
I've had it on my TODO-list to try out that plugin, thanks for reminding me!
How many sites have you tested it on, have you had any issues? I'm gonna play around with it now but what I'm mostly concerned about now is how you manage the site if you point the web server to the static directory.
I made a prototype at one point where you have your actual WP site in a subdirectory, like example.com/wordpress, which is IP restricted (or behind http auth). Then you crawl that site with wget (or curl) to generate static HTML and to finish it off by search/replacing the HTML files (removing the /wordpress portion). Then you serve the static files to general users.
If you happen to ever read this, I ended up with a setup similar to the hacky one I did before:
- WP moved to subdirectory (WP home and siteurl changed in DB)
- Static site served normally from (and generated to) webroot
Just needed to add sitemaps and robots.txt to the config to be included. Workflow is super smooth. Login to example.com/wordpress/wp-admin/, view your changes at example.com/wordpress and when you're happy, publish the site through the plugin.
Curious to see what kinds of issues I might be running into later on (this was just a quick test).
Same story with Jenkins, the plugin ecosystem is just ridiculous. If Linux distros did the same thing with packages, Linux would be broken literally all the time.
WordPress core yes, and it's pretty safe, but if you use many plugins (which most people do) that gets a lot riskier. Premium plugs are pretty safe but still I've had stuff break.
The kind of person whose needs would be satisfied by a static site generator doesn't seem likely to need 20 plugins, so it doesn't sound like an apples-to-apples comparison.
I don't base on number of plugins, I base on complexity personally.
I mostly agree with you, but in my experience most (not all) people who are capable of using a static site generator will do so. Those who aren't comfortable with it use WordPress. I'm not slamming WordPress, just making an observation.
