With the intro back in 2009 of quick setup, low-cost CMS-Content Management Systems, WordPress led the way in medium-scale web development. This position was consolidated with a dual mode Visual/Text editor using changeable and customizable theme files, and supported by 30++ thousand largely free plugins. These components delivered a broad range of backend capabilities [SEO, backup service, data handling, security firewalls, site optimizations], frontend components[image carousels and galleries, advanced accordions, tab, and tables, plus ground-breaking drag & drop WYSIWYG page builders which had superior layout and design tools] and general operation[advanced custom fields for sophisticated code designs, Integration tools for email, notification, GRAPHQL/RPC links to external apps and systems, master control panels of many WP websites] In sum, by January 2023 WordPress had 43% share of the top 30million website tracked by W3Techs and Builtwith.
This appeared to be a formidable position for WordPress vendors to make strides into the faat growing[ low-code/no-code development market. First, consider the Gartner Report for the size of the market:
In 2023 this is a $26Billion/year market currently growing at 19% per year. Forrester notes that Low-code platforms account for 75% of application development in 2021, up from 44% in 2020. Meanwhile, McKinsey sees a delicate dance between Formal IT and ShadowIT over the sometimes clandestine implementation of low-code versus no-code solutions. As we shall see below, both Gartner and Forrester see a limited role of WP based RAD-Rapid Application Development in this exploding market.
Why are WordPress Tools Not Qualified for Low-code Development?
In our recent review, Low-Coding Required Dominates Web Development, we described the size, players, and rapid changes in the market in detail. First, changing conditions in the low-code technologies used and the vendors present [drop outs, new entries, and buyouts] make for a volatile market. Also, the underlying business needs in an IT World faced with reliability, security as well as new waves of integration demands pose constant scheduling challenges.
But perhaps the most notable aspect of the low-code market were two factors. First, we could identify a lot of overlap among the vendors’ tools in the LCAP. BPM, RPA, IPaaS, and LDAP segments. How Gartner accounted for this overlap in its market size numbers is problematic. The second factor is the number of segments where RAD and WordPress could offer quick, low-cost, and highly customizable solutions were surprisingly large for LCAP, MDXP, IPaaS, HyperAutomation and LCAD segments. We shall explore these connections below but first lets see where WordPress falls short of Enterprise and large scale Low-code development needs.
Where WordPress Falls Short
Almost all of the Low-code development tools use Cloud-based systems. But still, 40% of business systems do not use cloud service as of 2022. Also, the move to the cloud is changing rapidly as many hosting services offer low-priced 2-3 year Cloud deals. This is important because Cloud servers allow for convenient backups, faster runtime performance, and better reliability but not security. So RAD WordPress users are encouraged to switch to Cloud servers. This is what Shopify, Wix and Squarespace did to level their backend services with WordPress sites.
WordPress, even with Cloud Clothing has 3 serious security problems.
First, WordPress sites are subject to simple poor passwords easily deciphered, and software plugins and apps are not updated in a timely fashion Most Low-code and many RAD programs take over the code update task;
Second, sophisticated SQL Injection routines, Cross-Site Scripting (XSS): XSS is a type of attack that injects malicious code. File Inclusion Exploits: file inclusion of hack code comes from a nominally legit remote source. All 3 of these attack vectors are covered by Website Firewall routines. which come with low-code and RAD tools
Third, brute force attacks and malware malicious code are external attacks stopped by Website Firewalls.
Clearly, the 40% of non-Cloud WordPress websites are more vulnerable to security problems.