Been auditing a headless WordPress site build this week. It’s been built really well. All the plugins and theme code is really good. I don’t really do react but the Nuxt instance seems lean and clean but damn it’s slow.
You really see what @slightlyoff has been telling people for so long why this is just bad practice. They could have just built PHP templates (it’s mostly ACF blocks anyway) and would have been several times faster.
More context from Alex here:
https://infrequently.org/series/reckoning/
=> More informations about this toot | More toots from dogwonder@mastodon.social
@dogwonder @slightlyoff I can appreciate headless from a security perspective, but damn is it reinventing the wheel sometimes for the sake of implementing the latest frameworks.
=> More informations about this toot | More toots from jbwharris@mstdn.ca
@jbwharris @slightlyoff right?! Yeah i mention that in the audit. But from what I can tell this isn’t even on admin.example.com. Personally I usually recommend managed hosting. Obviously nothing is 100% secure but feel WPEngine or Pressable feels secure.
=> More informations about this toot | More toots from dogwonder@mastodon.social This content has been proxied by September (3851b).Proxy Information
text/gemini