Someone asked the other day, “What is the best option for my online shop?”. A very open ended question, but let’s try and answer it. Actual plugins and extensions are next on the discussion as we need to sort which platform to use first.

Your main options are:
– A hosted solution (Like Shopify) that costs per month and removes the IT / Security headache but limits your options
– Self hosted CMS – All your problem
– A ‘managed’ hosting where you pay someone else to take care of the headaches for you (this is what Jam88 does).

Many options on the self hosted, all with plusses and minuses.
Wordpress is free, lots of plugins and a big hacking target due to it’s market dominance and ‘free’ plugins
Drupal, Joomla – Less common, less free stuff, smaller hacking target
Concrete5, Magento – Rare, Steeper learning curve and / or the extras cost, unlikely to be hacked.

So it comes down to a trade off. Free but with some risk or pay and almost no risk from hacking.

Anything made and sold for free has risks, that’s why the WP plugins are being used for attacks – Little reward or reputation on the line to make them ‘perfect’. The diversity of programming talent and the wide open architecture is a challenge to secure. A more secure environment limits choice and requires paid labour to design and maintain it. Reward attracts programmers who can earn a living expressing their talent, free attracts part timers and people practicing – you can’t pay the bills by giving away your work. PC vs Mac.

The ‘killer’ requirement is frequently ‘free plugins / options’. This limits you (mainly) to WordPress (Drupal or Joomla). Nothing else has the range at the price. Remember though, time is money, and a ‘paid for’ solution that is secure is probably cheaper than spending a week recovering from a hack.

I’ve had Concrete5 sites for over 3 years and never an attack. WordPress – daily attempts, 2 ‘successes’ (When WP itself was hacked in 2013 and the plugin issues in 2014). Time to fix and rebuild a site vs ‘set and forget’.

If your priority is ‘no-cost’ go WordPress, and pay with time and maintenance otherwise spend $ upfront.

