I maintain quite a few blogs, and have already written about some of the details, but here's the basic summary of why I'm leaving Wordpress:
- I'm tired of having to keep on top of Wordpress updates. Originally I hadn't realized how important it was to update to the newest version AS SOON AS POSSIBLE AFTER ITS RELEASE but now I do. The Wordpress developers don't maintain security patches for older versions for Wordpress so once a new release is made available, the info required to exploit the security vulnerability in the older version is likely publicly available. Yes, you can always opt to have all your Wordpress installations automatically updated en masse, but when I tried that, I ran into more headaches.
- I'm tired of having to keep up with plugin updates. Similar reasons to the above, plus I discovered that if you leave old plugin code around, even if it's a plugin that's not activated, it can pose a security risk. Do read this post before you activate any Wordpress plugins to fully understand. Some of my users who use Wordpress suggested just not using any plugins, but the plugin functionality was one of the main reasons I had opted for the Wordpress platform in the first place.
- If I ran into problems with Wordpress, it was up to me to find the answers. Once upon a time, this was no problem. I even enjoyed the research online, digging and verifying the info, implementing and testing. Now, I have less time for that sort of thing. Or rather, my priorities have changed. Plus with SO much info online, it took more time to sort through all the conflicting advice I found to determine which solution would work the best.
- I got hacked several times. In my naive innocence, I had figured my sites were too small to attract the attention of hackers, but I had forgotten that I didn't have to be specifically targeted to get hacked. A hackers' program can just look for Wordpress installations with vulnerabilities (ANY installations), then insert malicious code in your database. Jeff and I deleted and reinstalled Wordpress installations, looked for foreign code, followed directions given on hack-solving posts online. I spent WEEKS researching and trying different solutions but in the end, only found a partial solution. We managed to get rid of the malware hack, but other malicious code lingered where we couldn't find it. My sites looked fine, for example, but sometimes spewed pharmaceutical information to search engines instead of the actual content.
Meanwhile, I kept thinking, "Even if I manage to fix this, what's to prevent this happening again?"
SUMMARY: I wanted someone else to worry about the tech/admin part of running the site, so I could focus on the content.
Why I chose Squarespace
It was highly recommended by some people I respect.
It's been around for a while.
It has a working business model. Yes, you have to pay a monthly fee, but this means that the company has a vested interest in keeping its customers happy.
It has excellent customer support. I tested this out when I tried out a trial account for a few weeks (which DIDN'T require me to enter any credit card info). During business hours, I get answers to most of my questions within 15 minutes. Outside of business hours, I -still- get answers, though it can take longer.
I'll be posting more about my experience (good and bad) about making the switch from Wordpress to Squarespace, in case others are considering doing the same.
Before you think I'm dissing Wordpress...
Yes, the Wordpress community reacts quickly and posts solutions. But like this Scobelizer post says, I feel like I had a break-in at home...feeling not as safe, not nearly as complacent as before.
If you stay on top of Wordpress releases, take appropriate security measures and are capable of doing damage control afterward, then you're fine. I've decided that I'd rather pay someone else to worry about website tech admin, so I can focus on the content.
Also, do regular searches for your website(s) through Google. You may have been hacked already and not even know it.