Yes, WordPress is Dying

When I say WordPress is dying, I mean that its popularity has peaked and will slowly lose market share. WordPress isn't dead. It will likely be the most commonly used CMS for at least the next 5 years.

To summarize the points in this article, WordPress is dying because there are better options available and developers are switching to these modern alternatives. Strapi, Payload CMS, Drupal, Webflow, Sanity and Contentful are all superior to WordPress. The areas where WordPress underperforms include:

• Poor security track record and is the target of 70% - 90% of hacked websites.
• Doesn't include basic CMS features in its core software. 
• Too dependent on plugins for functionality.
• Developers are migrating from PHP to other languages.
• WordPress is slow.
• The lack of content types and fields in core make it a bad choice for a headless CMS. 

This doesn't look like a slight correction on the way to higher highs. This looks more like an inflection point. This figures combined with the evolving CMS and development landscape are what have me convinced WordPress is in decline.

Source: https://trends.builtwith.com/cms/WordPress

Here is an additional data point showing WordPress peaking in popularity during 2022:

Source: https://w3techs.com/technologies/history_overview/content_management

“But, the majority of websites are powered by PHP.”

That’s true, and it's a testament to PHP's long-standing influence in web development, primarily through widespread platforms like WordPress and Drupal. However, it's important to recognize the changing software development trends, where PHP is not the go-to choice for most new applications. New projects are increasingly built using Node/Typescript, Python, Go, Rust and Java.

While PHP continues to play a significant role in maintaining and updating existing applications, the advent of newer programming languages and frameworks has shifted the preference for new projects. Languages such as JavaScript (with Node.js for server-side development), Python, Go, and Kotlin have gained popularity for their performance, scalability, and suitability for emerging technologies and paradigms, such as machine learning, microservices, and mobile app development.

As new projects replace legacy projects, developers are choosing alternatives and PHP is losing market share. This trend is illustrated in this report from TIOBE:

Source: https://www.tiobe.com/tiobe-index/

Acknowledging the broader trends, it's clear that the landscape of new application development is diverse, with PHP occupying a specific, though not dominant, niche. If developers continue migrating to alternative languages, it could become a problem for CMSs like WordPress and Drupal.

For years, WordPress plugins have allowed low-code builders to add design and functionality to websites without the need to involve developers. This is a big plus because involving developers significantly increases project cost and timelines. 

But these plugins come with a cost.

Performance

Most importantly, plugins negatively impact performance. As you add more plugins, your site's load time will increase. This can get pretty egregious and it's not uncommon to see feature-heavy WordPress sites that take more than 5 seconds to load.

Dependency on Paid Plugins

A fresh installation of WordPress doesn’t do much. Listed below are some very basic features that any serious CMS should have. WordPress doesn't have them and this forces users to add plugins. 

• You can't export content to a CSV file
• You can't add and edit the columns of content views in the admin UI. This also rules out a lot of content sorting options. 
• You can't add custom content types or custom fields.

In WordPress, these basic features are handled by plugins, and the most popular plugins for these features have paid versions. I find that most projects require the paid versions of these plugins. 

Drupal, Joomla, Sanity, Strapi, Contentful, Webflow, and Wix all include these features out-of-the-box.

A good developer with experience building WordPress sites can build a site with decent load times. However, that same developer can make a site that loads even faster using Drupal, Webflow, Strapi, Contentful, Sanity and many other CMSs. 

Pingdom Tests

I ran some Pingdom tests for a number of different websites and here are the approximate average loads times. 

• Webflow: 600ms
• Drupal:  950ms
• Strapi and Next.js: 350ms

I ran this test for multiple WordPress sites, and to be fair, I looked for prominent WordPress developers in the Kansas City area. Most of the load times ranged from 1.5 seconds to 2.5 seconds. The one exception was Kristen Falkner's site which had a 650ms load time. Impressive. It would be fair to say that other content management system load twice as fast as WordPress.

Plugins Increase Load Time

This is an area where WordPress's heavy dependence on plugins causes problems. The more plugins you add to your site, the slower your site will load. Because WordPress doesn't do much out of the box, you're going to need plugins.

Caching

Drupal, Webflow and Next.js (which covers most headless CMSs) all have caching and/or build optimizations as part of the core product. WordPress doesn't include this in their core project. You'll have to install a plugin. The top option for this is WP Rocket, which cost $59 to $299 per year. 

A content management system's purpose is to help manage content. At a basic level, if provides users with a friendly interface to create content, store content, establish content workflows, and control access to content. From a more technical perspective, a CMS creates the data model for an application. Content types are tables. Fields are table columns. And reference fields represent relationships between tables. These are the areas where a CMS needs to excel. If extra features are offered, great, but not at the expense of the core purpose of the CRM.

The headless CMS architecture highlights the real scope of a CMS. The CMS doesn't provide any functionality to the front-end. It returns JSON data that allows a separate front-end application to create the user experience. 

Headless CMS and WordPress

This approach to content management puts a spotlight on WordPress's flaws and shortcomings. If a headless architecture relieves the CMS of its frontend duties, it needs to excel at content management and creating the data model. 

This is WordPress's worst quality. It's one of the worst options for a headless website.

WordPress requires the ACF plugin to create custom content types and create custom fields. And if you want to create relationships between those fields, you're going to need to pay for the ACF Pro version.

It blows my mind that WordPress still abdicates these basic features to plugin developers.

Depending on which source you look at, WordPress is responsible for 70% - 90% of hacked websites. WordPress's market share is at ~45% so the software is responsible for an outsized majority of hacks. 

WordPress advocates often blame WordPress admins for not following security protocols. Some of these protocols include:

• Always keeping WordPress core updated.
• Keep plugins updated.
• Keep your themes updated.
• Don't mess up your file permissions.
• Use a reputable host. Improperly configured hosting servers can lead to exploits.
• Don't install faulty themes or plugins.
• Use a really strong password.

The problem with this is that WordPress is marketed as a solution that is appropriate for novices because it's "easy to use." Less experienced users may not have a good feel for which plugins and themes are problematic. They will probably be some gaps in their core and plugin update routine. Your average WordPress user will not reliably follow all of those protocols. 

You can claim WordPress is "easy to maintain" or you can tout the software's security, but you can't do both. Keeping WordPress secure requires some concerted effort and knowledge of the software's ecosystem.

Good security means dealing with the reality of your users' knowledge and capabilities. Blaming "lazy admins" for security breaches is how you end up with 80% share of hacked websites. Hacked websites aren't going to persuade users to delve into the nuance of WordPress security. Users are just going to move to Squarespace, Webflow, and other competitors that are both more secure and easier to maintain.

If WordPress is dying, then other platforms must be growing. Below are the CMSs that present the biggest threat WordPress.

Squarespace, Wix, Weebly - The No Code Page Builders

Ideal for budget-conscious companies with limited design and development resources, these no-code builders simplify website creation. They don’t require users to worry about selecting the right host and updating the core software and plugins. Hosted by the companies themselves, these CMS platforms eliminate the need for users to select hosting services or update core software and plugins, making them easier to maintain and more secure. They also include SEO configuration options for small businesses and generally load faster than WordPress, making them superior choices for companies needing basic websites.

Webflow

For companies that want more flexibility than Wix and Squarespace, Webflow is a good candidate. It allows for more innovative designs and complex site structures than the aforementioned no-code builders.  The software has a similar no-code user-interface, but with more intricate configuration options. Webflow mimics standard web development, but providers a user-interface as opposed to editing code.  Webflow also offers an easy-to-use components feature that allows common website parts to be easily reused. 

Compared to WordPress, Webflow offers many default features that would require plugins when using WordPress. These features include:

• Creating custom content types
• Creating custom fields
• Creating list views of custom content types
• Exporting your content as a CSV file

Like other no-code builders, Webflow hosts all the websites on their platform, and this provides better security - especially for less experienced developers. You will sometimes see people suggest that Webflow can’t build complex site features, and is only for "basic websites.", This has not been my experience. I think this is coming from users who only have a superficial understanding of the platform. I’m constantly surprised by the things you can do in Webflow once you learn the system.

Strapi, Contentful, Payload CMS - Headless CMSs

For companies that want more control and flexibility than Webflow offers, these modern, headless CMSs are compelling options. They offer developers the freedom to build what they want while making content easily accessible through APIs. This flexibility allows developers to build structured content systems and deliver them to any channel or device. 

These headless CMSs require more technical skill to develop than WordPress, but they also offer a number of advantages, including:

• Extremely fast load times as low as 300ms
• Because these CMSs only output JSON through an API, there is a much lower chance your site will be hacked.
• These CMSs are built using TypeScript/JavaScript, which is increasingly the more preferred language for developers. 
• Easily use whatever frontend technology you want (Vue.js, Next.js)
• Power multiple websites and applications from a single CMS instance through APIs.

The evolving CMS landscape highlights a move towards user-friendliness, security, and adaptability. As WordPress grapples with these modern demands, alternatives like Squarespace, Wix, Weebly, Webflow, and headless CMSs such as Strapi, Contentful, Payload CMS, and Sanity gain ground. These platforms serve varied needs, from small businesses seeking simple, maintenance-free websites to enterprises needing advanced, scalable solutions. Each offers unique benefits that may outweigh WordPress for specific projects. This shift suggests a future where the choice of CMS is driven by the need for ease of use and technological flexibility.

While WordPress has undoubtedly left an indelible mark on the digital landscape, its future hangs in the balance amid evolving web technologies and shifting developer preferences. The platform's challenges—ranging from security vulnerabilities to its reliance on plugins and shortcomings as a headless CMS—underscore the pressing need for transformative change. As the web development community continues to explore and embrace more modern, efficient, and secure alternatives, WordPress must innovate or risk a gradual decline in relevance. 

The next few years will be critical in determining whether WordPress can adapt to the demands of the contemporary internet or if it will slowly lose relevance.