Portal Home > Knowledgebase > Articles Database > Is WordPress good (secure) enough to start an e-Commerce Project?
Is WordPress good (secure) enough to start an e-Commerce Project?
| Posted by helloitsrahul, 09-28-2011, 01:41 AM |
| Is WordPress a good option to start an e-Commerce website, where security is the major concern? My project also includes integrating a Payment Gateway. Would it be secure to work on WordPress on the whole? Thanks in advance.
|
| Posted by activelobby4u, 09-28-2011, 01:47 AM |
| i suggest oscommerce or magento.
|
| Posted by timta, 09-28-2011, 11:58 AM |
| Wordpress is fairly secure in and of itself, but when you start adding 3rd party code(themes, plugins etc) then that can make it insecure, same goes true for most software.
|
| Posted by KMyers, 09-28-2011, 12:25 PM |
| Hello,
WordPress is often one of the most exploited scripts out there. This is mainly due to insecure plugins but in a few cases have been with the WordPress core itself. I would use Magento as it is currently one of the most active.
WARNING : Magneto uses a LOT of resources
|
| Posted by Zachary McClung, 09-28-2011, 12:31 PM |
| I would definitely look at an actual shopping cart software. WordPress is good for a lot of things; however, I would not trust it for ecommerce except if it was PayPal only as a payment gateway.
|
| Posted by ishan, 09-28-2011, 05:44 PM |
| Wordpress + eShop or WP-ecommerce makes for a good combo.
Depends on what you want, imo. Magento will come with a lot of unnecessary features and use a lot of resources.
I personally found Wp e-commerce a very useful and flexible plugin.
|
| Posted by ssfred, 09-29-2011, 05:24 AM |
| For e-commerce site, I would suggest Magento.
|
| Posted by SPaReK, 09-29-2011, 10:03 AM |
| I would avoid osCommerce unless you like scouring their forums and manually modifying the files to fix security exploits.
Need to fix Security Exploit #1? Change line 177 on the file this_file.php, unless you applied the previous fix for Exploit A, then line 177 becomes line 183.
|
| Posted by CoderJosh, 09-29-2011, 11:31 AM |
| If eCommerce is the main or only purpose of the site, there are indeed other programs that are more suitable than WordPress.
It's possible to keep a WordPress site secure, by securing it during the initial installation, by keeping it updated and by choosing the plugins and theme(s) very carefully. With WordPress, like with any other web application, security is an ongoing process. It's very important to realize that and to act accordingly.
|
| Posted by tvcnet, 09-29-2011, 11:03 PM |
| Wordpress is more "gamed" than most other CMS's because it's so popular, due to it being one of the easiest to manage CMS's on the planet today.
I've been at this for 15 years and I can't stress enough to folks when choosing a web host for your Wordpress site, to only consider hosting your website with a host who proudly discusses "security" within the top fold of their home page.
Best to steer clear of any web host who's claim to fame are bursting at the seams cleavage or a spotty security record (been hacked repeatedly in the past). These folks tend to be hacker magnets.
There are low cost hosting companies who provide free malware scanning with shared hosting plans.
If you host a wordpress site not hosting with a web host who monitors your site for malware you are playing Russian roulette with your business.
That said, the only real security is proactive monitoring, hour by hour surveillance, and at least a daily backup recovery plan, such that when you are hacked your can resolve the matter before it becomes catastrophic or a business-ender.
Best Wishes,
Jim Walker
The Hack Repair Guy
|
| Posted by vespid, 12-05-2011, 05:33 PM |
| It depends what you're looking for. I'm starting up a fairly small shop (not many products, not expecting huge amounts of traffic) so I'm going for the wordpress option. If I was running a larger store that needed hundreds of complex features I would go with Magento. I've tried to use it before for my small needs but it didn't really work, there was too much going on for me to get to grips with that easily for the simplicity that I needed.
|
| Posted by tvcnet, 12-05-2011, 05:43 PM |
| 1 on Magento as well, or any proprietary shopping cart for that matter.
A quick google on most will bring up pros and cons.
I'm a big fan of PDG Software for their focus on developing a secure shopping cart with impressively responsive tech support.
Magento was hit with a spate of security flaws back in 2009/2010, but seem to have cleaned up their act a great deal since then.
|
| Posted by hostultimo, 12-05-2011, 08:05 PM |
| Magneto is a villain on X Men
I would recommend it once you keep the amount of plugins you want to use to a minimum. About under 5 is good to me. With any CMS out there, you always have to be on top of your game and update, watch and secure your installation as best as possible. Hackers are always looking for the next thing to crack, break and get into
Wordpress is as secure as you make it.
|
| Posted by brianoz, 12-06-2011, 07:27 AM |
| WP-eCommerce - unmitigated buggy disaster, don't go near it, don't walk, RUN away from it.
osCommerce - badly outdated, don't touch it (+1 to above re patches)
Magento - not for the fainthearted, performance OK if you know how to set it up and understand server admin a little
Haven't got much experience with others, but the key thing is to work out the size of shop and what you want to do, and then look for top ranking products. I think Shopp might be good; please post what you find.
Wordpress itself is one of the most secure CMSes as they have auto-update and release patches quickly. A good host helps - if they have the mix of mod_security, CSF, and a hardened server.
|
| Posted by pmabraham, 12-06-2011, 01:51 PM |
| Good day:
See http://codex.wordpress.org/Hardening_WordPress for a well written guide to secure WordPress.
Thank you.
|
Add to Favourites 
Print this Article
Also Read
