Tech | Insights

Migrating from WordPress to a Headless CMS

Mike Steer | July 29, 2024 | 5 mins

Why WordPress?

There are many reasons a decision was made for WordPress to be the CMS of choice for a business.  It’s certainly one of the most well-known, having been around for over twenty years.  

It also has by far the largest market share of any CMS (over 62% at the time of writing). It can be a cost-effective option due to its free open-source nature, and the large number of WordPress developers all over the world.  With numerous prebuilt themes to extend and over 59,000 free plugins available on the WordPress plugin directory, there are certainly many reasons why companies make this choice.

Perhaps you’re reading this article because you’re currently using WordPress and are interested in what other options are available. It could be your development team is struggling with the limitations of the platform, you’re not getting the performance you’d like on the front end, or you are concerned about security or ongoing maintenance.  

Whatever the reason, and we’ll cover a few below, it’s important to know what your options are, and what to look out for to ensure that any future migration is as painless as possible, any loss of visibility in the short term is minimised, and in the end - results in an improved experience for both your marketing teams, your customers, and search engines.

Common concerns with WordPress

Whilst there are many areas we could look at with regard to WordPress, such as the two most common (and important) areas,Security and Extensibility, which we’ll dive into first. We will also then look at the underlying architecture of WordPress, and how the new breed of Headless CMS’ are different.

Security

While best programming practices and keeping both Wordpress and plugins up to date can make a big difference, Wordpress will always be a target for hackers.

According to WPScan, 52% of WordPress vulnerabilities are related to outdated WordPress plugins, while outdated WordPress themes cause 11% of the vulnerabilities. Not surprising then that according to this WPBeginner statistic, 86% of hacked WordPress websites contain obsolete versions of WordPress plugins and themes.

Extensibility 

Plugins are a key ingredient in the appeal of WordPress.  They offer a quick and easy way to enhance a site on anything from performance improvements (caching, image optimisation) and SEO (Yoast, RankMath), to connectors to other systems, such as CRMs. 

Part of the issue arises when you need to do something beyond the capabilities of the plugin.  If you find a limitation in the plugin you’re using, you can be limited on how you can extend this.  There are methods available (hooks/filters), but not all plugins provide a hook.  At this point, your options are to ask the Plugin author to add them (no guarantee), or fork the plugin and make the changes yourself.  The issue here though is that it will no longer receive updates - leaving the plugin in a potentially insecure state, and without any fixes or improvements.

Plugins can be created from scratch, to ensure it’s catering to your specific needs, however, this is more time-consuming and costly, and raises the question that if you’re not utilising the extensive plugins already available, might you be better off with an alternative to WordPress?

Monolithic Architecture

WordPress is what we refer to as a monolithic architecture.  What we mean by that is that it’s from the traditional approach of - it attempts to do everything.  The Backend (the admin interface where you manage your content, assets, etc) and the Frontend (the public-facing website) are intrinsically linked.  They’re part of the same codebase, and cannot be separated.  

This approach is deliberate, and in part - is the appeal of WordPress.  It works straight off the shelf, and in most cases, you can get a basic install up within 5 minutes.

We typically find that at some point, this frontend that comes pre-bundled with the backend starts to become restrictive.  You are not free to choose the best technology to use on the front end, using the latest technologies to create engaging, immersive, and (importantly) performant experiences.

As more focus is placed on performance, based on customer experience (More than 10 years ago, Amazon found that every 100ms of latency cost them 1% in sales. In 2006, Google found an extra .5 seconds in search page generation time dropped traffic by 20%), but also with Google’s Core Web Vitals page performance metrics now a metric of their ranking algorithm, a slower site can affect where you place in search results.

So what is the alternative I hear you ask.  Well, that brings us into the world of composable, headless web architecture. Here, the CMS is disconnected from the front end, it can therefore focus on providing an excellent backend interface.

You have the freedom to pick a CMS that offers best-in-class functionality, is more secure, scalable, and built from the ground up to be headless, performant, and flexible. You can then pick a frontend technology that meets your needs, un-tethered from the backend.

Now it’s worth noting that WordPress is now offered in a Headless format by people like WP Engine, however, whilst this does address the issues of a restricted frontend experience, it is still vulnerable to the issues raised above with regards to security, and extensibility.  

Time for a Change?

So, let’s assume you’re at a point where you are starting to feel the limitations of WordPress, as something you’ve started to outgrow.  

You’ve started to do some research, and you’re now looking at the new breed of CMS’ and Headless sounds like it might be a good idea. It gives you the flexibility of managing all your content in a modern, easy-to-use admin area, and you’re free to use a best-in-breed technology solution for the front end of the website, to create engaging experiences for your customers. Both internal and external stakeholders will be happy!

But, how does a migration work? We’ve got you covered, take a read of Migrating to a Headless CMS.