Wordpress vs HTML website

anonymous wrote on Wednesday, March 05, 2014:

I’m currently in the market for a website. Our practice needs a web presence and all these medical directory aggregate sites have severely outdated information for our doctor. I’ve received a good offer through another forum I frequent, but the designer specifically uses Wordpress.

From what I’m reading, it seems Wordpress has had significant security issues in the past. I prefer to host the website myself along with OpenEMR and a couple other web apps our office uses. What I’m not looking for is another piece of software that would require constant security updates. Is this somehting worth worrying about? If so, do you have any recommendations on someone who can code a basic site for us with HTML/CSS/Javascript?

sunsetsystems wrote on Wednesday, March 05, 2014:

WordPress looks pretty good to me. I would not hesitate to use it, but with a couple of caveats:

  1. Don’t run ANY public-facing site on the same server with OpenEMR. You might for example run the WordPress site in a virtual machine if you don’t want to dedicate a physical machine to it.

  2. Wordpress core is well tested, but there are almost 30,000 plugins for it, most of which are not so well tested. Be very choosey about which plugins you install.

Rod
http://www.sunsetsystems.com/

anonymous wrote on Wednesday, March 05, 2014:

Thanks, Rod. My current configuration is Ubuntu Server and KVM with separate virtual machines for our web and mail server. Web server is running OpenEMR, TimeTrex and Owncloud. Bad idea? I was hoping to limit the number of virtual machines, but I suppose I can separate them if needed.

sunsetsystems wrote on Wednesday, March 05, 2014:

Sounds like your current web server is restricted to internal use. I suggest you keep it that way and not expose it to the public. Better to run a public site on your mail server or in its own separate VM. The important thing is to consider the consequences if it’s compromised,

Rod
http://www.sunsetsystems.com/