NOTE: WordPress is right for you, only if you want to actually launch your membership site some day, make money from your site, and do not wish to spend an insane amount of time creating and maintaining it, and only if you do not wish to spend hundreds (or thousands) of dollars outsourcing the creation and maintenance of your site
I recently happened across a blog post that presents an argument about why you should not use WordPress for your membership site.
That seems to have caused quite a stir among my target audience (who are basically people who want to start a membership site using WordPress).
A couple of them wrote to me and asked me for my opinion, 1) because I am such a big evangelist of WordPress, and 2) because I have developed a Membership Plugin for WordPress.
I read the argument with interest, and of course felt that it was a very extreme, one-sided worldview of WordPress. I tried to comment there on the site itself, but I got a message that “the site owner has blocked you from commenting”. Not sure why. I will try again. But in the mean time, I simply had to post this here.
So, after you’ve read Alex’s argument for why you should not use WordPress for your membership site, read my (well-rounded, well-educated and balanced, IMHO 🙂 opinion about why you would be foolish NOT to use WordPress for your membership site – especially if you’re a small-biz owner, info-product marketer, blogger or Do-It-Yoursef’er, and don’t have a big team or a big budget to outsource your membership site development.
My note to Alex…
Having developed WordPress and Non-WordPress scripts for almost 15 years now, I have to respectfully disagree with your argument for not using WP for membership sites.
Let me try to present an objective argument here.
>>it doesnâ€™t matter which one you will choose to use as they all share one big flaw â€“ their dependency on the core of WordPress!<<
I am the developer of a plugin called DigitalAccessPass (DAP), which does *not* have a dependency on the core of WordPress. DAP is a separate piece of software, that can be plugged on TOP of wordpress, and only needs a simple, light-weight “Plugin” that acts as a “bridge” between WP and DAP. In the 15 months since the launch of DAP, and 10 months prior to that when we were developing DAP, WP has released a huge number of updates in those 25 months (2+ years), and we have *never* had a single instance where a WP update affected our script.
Again, it’s all in the design, right? DAP was deliberately designed from the ground up *not* to have a dependency on *any* CMS, not even WP. That’s the reason why DAP works right out of the box with regular, plain-ol HTML web sites, and using the “bridge” plugin concept, can be integrated into other CMS like Joomla, Drupal, etc (Joomla plugin for DAP is in the works as I write this). In fact, with just a little bit of work, DAP can be made to work with every imaginable CMS out there, for this very reason.
>>By themselves they will not function and same goes the WordPress core<<
See above. DAP will function all by itself with just regular HTML web sites.
>>WordPress is Open Source and its code is constantly under scrutiny not only by the good guys but also by people who are looking for a way to compromise your site<<
I can kind of agree with you there, but then, even software and services from even high profile companies, like Google and Microsoft get hacked or gamed. So, just because it’s open source doesn’t mean it’s more vulnerable, and just because it’s “closed source” doesn’t mean it is secure. It all depends on the developers and the community behind it.
I mean, non-WP sites get hacked all the time because the shared-site owner left a PHP script in there that’s vulnerable to XSS attacks, or left the permissions wide open inviting hackers to come join the party. That actually says more about the security of PHP itself, and the security of a shared-host environment. But why blame WP for that?
>>You quickly contact support of the developer who created the plugin you use for Membership Management before jumping into upgrade, as you have to ensure that it will continue to work with new version only to learn that he is taking romantic vacation on secluded island somewhere in Fiji and will not be back for next couple weeksâ€¦<<
Yes, I agree, that if you went with a small-time, one-man-developer solution, then regardless of whether they are in Fiji, or get hit by a bus, you’re going to be in trouble. That’s why you pick software from companies like mine, which have been around for 15 years, have written millions of lines of code for small businesses as well as for the enterprise, have a team in place for support, and won’t be going away any time soon (we can’t, because this is what we do :-).
>>I personally prefer that my membership script is separate and with dedicated support!<<
DAP totally fits the bill here :-). It is separate, and has dedicated, “non-outsourced” support 🙂
You are recommending a downloadable script solution at the end of your post – one which is developed in PHP. PHP has always been (arguably) one of the most insecure programming languages, just because, if you didn’t quite know what you’re doing, it allowed newbies to easily shoot themselves in the foot. Of course, PHP has come a long way since then, but it’s still not the most secure language.
Are we next going to start recommending that no one should use PHP scripts at all, and instead use something like Java or .NET?
So, whether it’s a programming language (PHP), a content management system (WP) or an operating system (Windoze), the solution is only as secure as its developers, the company backing it, and the community supporting it.
And most importantly, the security of a site is only as good as the actual “user” using it (if you download spyware and infected .exe files from the web and your computer gets infected, can you really blame Microsft for it?).
I guess you could blame MS, but that doesn’t mean you’re right.
So, when it comes to the quality of code, extensibility (hooks and filters and plugins) and the community, and the insanely large user base, WordPress simply can’t be beaten.
And when it comes to a membership script for WordPress, DAP also can’t be beaten 🙂
My humble $0.02 🙂
Appreciate the soapbox, the opportunity, and for your great post which seems to have evoked so many great responses 🙂
– Ravi Jayagopal
Founder & Developer, DigitalAccessPass .com
(Membership Script for WordPress)
I’m hoping to augment this soon with a more detailed article about using WordPress as the platform to build your membership site.
So stay tuned by subscribing to this blog or by following me on twitter.
Feel free to pass this link to other WordPress lovers, and don’t forget to add your comments below. And no, I won’t block them – even if you’re Alex 😉