Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Page 1 of 2 1 2 LastLast
Results 1 to 10 of 12
Like Tree2Likes

Thread: Custom Site vs Themes?

  1. #1
    Junior Member starray's Avatar
    Join Date
    Jul 2013
    Location
    NC
    Posts
    7
    Member #
    36757

    Custom Site vs Themes?

    Hey guys. I keep getting asked, "...why pay for a custom site as opposed to a Wordpress theme?". Honestly, I have no idea. Other than the fact I need the $$$. What makes one better than the other?

  2.  

  3. #2
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    One's custom, the other is stock.
    One is tailored to the needs of the business, the other isn't.
    If you know how to code a custom site, yours won't be a giant piece of Swiss cheese waiting for script kiddy rats to hack it and put pages up selling religious materials (I'm not making that up...I've actually seen that happen on a W*rdPr*ss site.)

    Although if you really need the money, W*rdPr*ss might actually be the way to go. You can get paid thousands just to update it every time there's a release.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  4. #3
    Junior Member starray's Avatar
    Join Date
    Jul 2013
    Location
    NC
    Posts
    7
    Member #
    36757
    Quote Originally Posted by TheGAME1264 View Post
    One's custom, the other is stock.
    One is tailored to the needs of the business, the other isn't.
    If you know how to code a custom site, yours won't be a giant piece of Swiss cheese waiting for script kiddy rats to hack it and put pages up selling religious materials (I'm not making that up...I've actually seen that happen on a W*rdPr*ss site.)

    Although if you really need the money, W*rdPr*ss might actually be the way to go. You can get paid thousands just to update it every time there's a release.
    But how would you explain that to a client?

    Now I'm I think it's something that i'd have to personally research to come up with a more definitive answer as well as form my own opinion.

    I'm sure there is a 'designer vs theme' debate already in existence. Has to be.

  5. #4
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    The way I just did to you. Mind you, my approach is radically different to that of most people.

    Here's something that will back up the security thing:

    2010's Most Dangerous List | Trend Micro | Malware Blog
    Brute-Force WordPress Attacks Affect Thousands of Sites | Security Intelligence Blog | Trend Micro

    Some raw log analysis based on experience might help, as you'll find the bot/hacker wannabes often target common CMSes.

    So that alone is enough not to ever use W*rdPr*ss.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  6. #5
    Junior Member starray's Avatar
    Join Date
    Jul 2013
    Location
    NC
    Posts
    7
    Member #
    36757
    So it seems that while WP is valuable to clients who are more 'hands on' and would like to constantly have their sites display different/updated information. The problem with this is WP has serious security/spam issues. Also clients tend to get to 'hands on' and ruin the code themselves. As well as the WP updates seems to cause a lot of frustration among users.

    Custom html sites are far more brand oriented. If designed by the right person or team a dynamic website will even drive a product. Proper web design will generate customers and impress customers generally meaning more revenue if that is the purpose of the site.

    Thanks to TheGame1264 for the links.

    While WP may be 'initially' welcoming the chance of users still relying upon a web designer or developer is still more thank likely.

    Personally, I feel like you should want and have your brand represented with the best possible resources available and that safety is cause for major concern and shouldn't be taken lightly.

  7. #6
    WDF Staff AlphaMare's Avatar
    Join Date
    Oct 2009
    Location
    Montreal, Canada
    Posts
    4,570
    Member #
    20277
    Liked
    878 times
    I know The Game doesn't like Wordpress - I on the other hand, use it quite often for my more budget-challenged clients. There is always a lot of talk about how vulnerable WP is - and that is true if steps are not taken to harden it. I quote from the article Game cites;
    "Both users and site administrators can help mitigate threats like these. This particular attack only targeted administrator accounts that had not changed their default login name (admin). It is advisable that users change this to another login name of their choice. These and other steps to mitigate against this attack are outlined in WordPress’s online manual."

    Many people who are using WP to create their own sites are using the "one-click install" offered by many hosts - this is easy but it also makes the sites the most vulnerable to attack.

    Properly installed (manually) you can take several steps during the installation to harden the site right from the beginning. Don't use the defaults - use unique names for the database and administrator, and change the table prefix.

    There are a couple of really good security plugins as well, and updates should not break but rather enhance the security and functionality of the site. The updates will only break the site if a theme is being used that is not kept current with the version of WP - many purchased "premium" themes are not maintained this way and can lead to trouble. This is why it is very important to understand child themes, so that you can build your own which will remain functional, independent of the core code.

    As for client ruining the code themselves, access levels can be customized to prevent this happening. I generally set it up so that my clients have "editor" privileges - they can add or edit pages and posts, and set up photo galleries or portfolio pages if necessary, but cannot change the appearance (theme), access the code editor, or interfere with the functionality of the site.

    It basically comes down to the fact that most of the hacked WP sites are those set up and "maintained" by amateurs. If you know what you're doing it can be a really useful tool and allows the production of a well-designed site that takes far less time than a hand-coded CMS, which therefore is appealing to clients on a smaller budget.
    Last edited by AlphaMare; Jul 12th, 2013 at 10:39 PM. Reason: punctuation
    Good design should never say "Look at me!"
    It should say "Look at this." ~ David Craib


    http://digitalinsite.ca ~ my current site . . info@digitalinsite.ca ~ my email

    If you feel that someone's post helped you fix your problem, answered your question, or just made you feel better, feel free to "Like" their post. The "Like" link is at the bottom right of each post, along side the "reply" link. And if you are being helped here, try to help someone else - pass it on!

  8. #7
    Junior Member starray's Avatar
    Join Date
    Jul 2013
    Location
    NC
    Posts
    7
    Member #
    36757
    Quote Originally Posted by AlphaMare View Post
    I know The Game doesn't like Wordpress - I on the other hand, use it quite often for my more budget-challenged clients. There is always a lot of talk about how vulnerable WP is - and that is true if steps are not taken to harden it. I quote from the article Game cites;
    "Both users and site administrators can help mitigate threats like these. This particular attack only targeted administrator accounts that had not changed their default login name (admin). It is advisable that users change this to another login name of their choice. These and other steps to mitigate against this attack are outlined in WordPress’s online manual."

    Many people who are using WP to create their own sites are using the "one-click install" offered by many hosts - this is easy but it also makes the sites the most vulnerable to attack.

    Properly installed (manually) you can take several steps during the installation to harden the site right from the beginning. Don't use the defaults - use unique names for the database and administrator, and change the table prefix.

    There are a couple of really good security plugins as well, and updates should not break but rather enhance the security and functionality of the site. The updates will only break the site if a theme is being used that is not kept current with the version of WP - many purchased "premium" themes are not maintained this way and can lead to trouble. This is why it is very important to understand child themes, so that you can build your own which will remain functional, independent of the core code.

    As for client ruining the code themselves, access levels can be customized to prevent this happening. I generally set it up so that my clients have "editor" privileges - they can add or edit pages and posts, and set up photo galleries or portfolio pages if necessary, but cannot change the appearance (theme), access the code editor, or interfere with the functionality of the site.

    It basically comes down to the fact that most of the hacked WP sites are those set up and "maintained" by amateurs. If you know what you're doing it can be a really useful tool and allows the production of a well-designed site that takes far less time than a hand-coded CMS, which therefore is appealing to clients on a smaller budget.
    Very well put.

    Thanks.

  9. #8
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    That's just it...I've employed those measures (no default admin user, non-standard prefixes, manual install) and it still happened. I've even seen a case on Sectorlink once where every WP site on one particular shared shared server was hacked...and this wasn't on them either, because they're borderline paranoid about patching/updating servers (in a good way). The non-WP sites were fine...it was WP sites only. This was a few years back, but I have no confidence that things like that were ever solved.

    Security plugins don't really cut it, either, for the simple reason that they're plugins. That means they're subject to the same problem that WP itself is i.e. it's a greater risk of being a target to be hacked since the payload is greater.

    Whenever I build anything that allows for data modification whatsoever, I always, always, always build it using a custom encryption algorithm that I came up with. I don't care if it's as simple as users updating registration info, I do it. The encryption algorithm contains a unique key for each site, so even if it does somehow get hacked (and it hasn't in the seven years I've had it in place), it's only good for one site. Try hacking the rest of the sites I built the same way, baby gets nothing since the key is different. I've also only ever had one site hacked, and it was because I was transferring it to a new server and hadn't gotten to the point where I had put the shield up yet (the hackers hit at precisely the right time). I also by default don't allow for the use of "admin" as a folder name for administration purposes.

    Now, this isn't to say that WP doesn't have its uses. For non-commercial stuff, okay. Even for small, simple, low-payload stuff, I can get why people would use it (I still wouldn't, but that's just me). As soon as you get into anything requiring registrations, e-commerce, custom search, data manipulation, custom contact forms, etc., WP does not and probably never will cut the mustard.

    I'm also anticipating a day when it becomes like Firefox...it reaches a peak, and then gradually declines in usage as it becomes more and more bloated.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  10. #9
    WDF Staff AlphaMare's Avatar
    Join Date
    Oct 2009
    Location
    Montreal, Canada
    Posts
    4,570
    Member #
    20277
    Liked
    878 times
    I do agree that I would never use WP for e-commerce, and I have never had a client who required more from their site than just being able to update the text and image content- my target market is (very) small businesses and professional individuals - basically brochure sites with possibly a portfolio or maybe a couple of (externally linked) downloadable PDFs.

    I'm not sure how long ago TheGame had his WP site hacked - I do know that every WP site I put up has several unique keys and salts in the config file; I also use a small script I made to change the login path.

    I started out about 1996 as strictly a designer - using Netscape (!) as my editor. Since then I have taken several college courses in various coding languages, and more online tutorials than I care to count. I have also learned an enormous amount here on these forums, encountering questions I would never have thought of on my own. I am getting better and better at it - one day soon I hope I'll be a good enough coder to write my own CMS.

    I'm not there yet but tearing WP apart and studying it has helped me to understand how it works - and that has helped me to understand a lot of the security issues, and deal with them. I am also studying some opensource shopping cart software - seeing the similarities and the differences - saving snippets and trying out various combinations with my own code in WAMP and on my dev server. It`s a good thing it`s so much fun or I would have given up long since!

    I`ll continue to use WP for the sites where I feel it`s appropriate - and hand-code others when that is called for. My own site is a combination - the main site is hand-coded, with a WP blog).
    starray likes this.
    Good design should never say "Look at me!"
    It should say "Look at this." ~ David Craib


    http://digitalinsite.ca ~ my current site . . info@digitalinsite.ca ~ my email

    If you feel that someone's post helped you fix your problem, answered your question, or just made you feel better, feel free to "Like" their post. The "Like" link is at the bottom right of each post, along side the "reply" link. And if you are being helped here, try to help someone else - pass it on!

  11. #10
    Junior Member
    Join Date
    Jul 2013
    Posts
    4
    Member #
    36748
    Liked
    1 times
    For me, custom website is better than a template. You cannot completely apply your idea using a template, because templates are designed generally. The following article will help you to select between the two...
    Custom Web Design vs Website Templates
    starray likes this.


Page 1 of 2 1 2 LastLast

Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Tags for this Thread

All times are GMT -6. The time now is 09:47 PM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com