Being an engineer for a managed services company I have to support more than a few Wordpress installations. Over the years, I have experienced some issues with supporting Wordpress as a content management system.
Keep Your Installation Updated
The first issue is the number of updates that are released for the product. It is not so much the updates themselves, it is the number of users that do not update their sites when the updates are released. Please keep your Wordpress install and plug-ins updated. Running out of date software opens your site up to being hacked. I have fixed more than a few hacked sites for customers. The hacks I have seen are usually in the header or in a plug-in. A hacked Wordpress site can cause pop-up, page redirects, or could possible try to download malware or a virus to your visitor’s computer. You should also keep a current backup of your content and data in case the site needs to be reinstalled from scratch. There are backup plug-ins for Wordpress that can backup your site automatically.
Use Strong Credentials
Another issue with using Wordpress are Botnets that brute force the admin login account. If you are not aware of what this is, there are currently over 90,000 compromised web servers that search for Wordpress sites. When they find one they attempt to break into the site using a dictionary attack. The best way to avoid this issue is to change the Admin username to something other than Admin and have a strong password. You can also install plugins that will block an IP if tries to login and fails too many times. One such plugin is BruteProtect which is now part of the JetPack plug-in.
If you are a company that uses a custom plug-ins, it is sometimes very hard to keep your site updated because the update will break your customization. This can get expensive if you have to contact your developer every time there is an update. Some users will not bother to update the site which leads to hacking issues.
Customizations in General
Unless you can program PHP and are a HTML and CSS guru your site is going to look like everyone else’s site. Yes, there are templates you can buy or download, but to truly have a site that is yours you are going to have to pay or roll up your sleeves and get your hands dirty.