WordPress is an open source website platform that makes it very easy to create a website for your self and has become an industry standard of sorts across todays internet. It is fairly simple to administer and a very many now know how to use it.
Sounds great right? Unfortunately no...
An area of concern with wordpress is the fact that it is so popular that it has become an easy target for hackers and spammers. The nature of open source software is that everyone that has it inherently knows what all the other users have in place for security. This translates into vulnerabilities spreading through the web at lightning speed. When this happens, all it takes is a search for certain html patterns and anyone looking for that vulnerability easily has found another victim.
A case in study; we recently deployed a very simple website using wordpress - it was the latest version and we performed absolutely zero search engine optimization. We also installed good analytic software so that we could get an accurate picture of what was happening.
Within 10 day of just sitting there, we were getting comment spam attempts. Sometimes dozens a day. The only conclusion we could draw was that WordPress attracts trouble.
Now I dont know about you, but I cannot tell my clients that WordPress is a good idea in light of this. The last thing that I want to do to them is give them unnecessary work. Serious businesses deserve serious websites.
3rd Party Add-Ons "Add-On" to the stress.
It is also a very common occurence that WordPress websites will have 3rd party applications or "add ons" to perform the non standard functionality that your organization needs. Again, it was quick and cheap however here is where the trouble comes in to play. Open source software by nature will continuously be updated, often these updates change the core code. It's a fairly good chance that your "add on" will no longer work after an upgrade, especially a release level update. Now, you have to wait for that "3rd Party" who more than likely was not the web person you hired, to re-release it for the new version... if they do. If not, now you have to hire a real programmer and the entire premise of your decision to use word press is a moot point.
To make a long story short, do we make websites with WordPress? - Only if you absolutely must have it that way, and if we do, we absolutely can not guarantee its integrity against malicious attacks; we will not put our seal of approval on it.
Here is a good article about this sort of thing: http://www.forbes.com/sites/anthonykosner/2013/04/13/wordpress-under-attack-how-to-avoid-the-coming-botnet/
If you are going to take your website seriously, even if its not us you choose, hire a developer and feel confident that things will be done FOR you rather that suiting you through coincidence.