Serious WordPress Development – Introduction

In my next series of articles, I would like to talk about practices that should help any “serious developer” to use the WordPress platform. By “serious developer” I mean anyone who wants to apply adequate software development practices with WordPress, as opposed to writing a blog and/or making some small PHP code changes in the WordPress admin.

Some context. This year I have led my team into building a web application on top of WordPress. We went for a (ReactJS + headless WordPress) approach i.e. we decided not to use WordPress as a website publishing front-end. Instead, we set it up as a headless Content Management System (CMS), only responsible for content authoring, accessible via secure REST APIs. Our intent was to write zero-to-little logic in the WordPress/PHP codebase, and as much logic as possible in the React/TypeScript codebase.

Note that WordPress/PHP is not a technology I would have chosen by default for a scalable and robust web application. But in this case it made sense for a few reasons. First, we had very limited time and budget, and I was not keen on building a set of back-end APIs from the ground up. Second, our customer needed a few administrative functions (e.g. list of registered users), which are provided by default through the WordPress admin UI. Finally we had one seasoned developer familiar with WordPress, who could help us bootstrap the project.

Nevertheless, I was keen on making sure we followed our usual development workflow i.e. develop and test locally, integrate safely, and automatically deploy to test and prod. Finally, many security aspects of the WordPress back-end required some attention, as WordPress is known to have many vulnerabilities.

The parts of our process I would like to describe more in details in this series are:

  • Part 1 – Local development setup
  • Part 2 – Environment specific configuration
  • Part 3 – Deployment of the application code
  • Part 4 – Management and deployment of database changes
  • Part 5 – Securing the WordPress site

There are other aspects of building applications with WordPress I will not cover in this series (e.g. unit testing), as I want to focus on what was really important to us.

I hope you will enjoy this series and feel free to comment if you need more details.



3 thoughts on “Serious WordPress Development – Introduction

  1. Hi JR

    > Note that WordPress/PHP is not a technology I would have chosen by default for a scalable and robust web application.

    Can you expand on this a bit more? runs hundreds of millions sites/blogs on a single WordPress instance and it sure is robust and scalable…

    I feel WordPress/PHP gets a bad rap because it’s not cool

    • Hello Alistair, thanks for your question.

      I do not think WordPress gets a bad rap. Most web agencies I worked with use it very extensively. It is IMO recognised as the number one Open-Source CMS, and therefore presents many advantages such as a proven architecture, massive community, and tons of hosting options.

      I think it is important to use a product for what it is designed for. I am not challenging WordPress as a CMS. Instead, I am saying I would not use it a general-purpose Web Application back-end. This is because the language, the monolithic design, and the complexity of database model makes it harder to optimise.

      Regardless, running a high-traffic / high-availability back-ends always requires processes behind a load balancer, which would be the same for WordPress. I am surprised when you say “ runs hundreds of millions sites/blogs on a single WordPress instance”. Maybe you can enlighten me?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s