Kev Quirk

This post is more than three years old so may contain incorrect information, or opinions I no longer hold.

Why I Don’t Use A Static Site Generator

08 Apr 2020 | ~3 minute read

I often receive inquisitive looks when I tell people I'm running WordPress on my website. Especially when I'm talking to other people in the InfoSec community where getting responses like, “WordPress, really? Why not a static site generator like Hugo?” is par for the course.

I saw this post on Fosstodon a few days ago, which I think is a perfect example of why I don't use a static site generator:

I use WordPress because it's easy and I can use it anywhere.

Want to blog on my iPad? I can. Want to do it on my phone? No problem. On a machine I don't normally use? Not an issue, as long as it has a browser.

Having to SSH into a Linux box, then editing a post on Vim just seems like a ridiculously high barrier for entry when it comes to writing on the go. The world is mobile first these days, like it or not, so writing on the go should be easy.


Yeah, I hear you, WordPress is less secure than a static site. There's no getting away from that fact - there's no admin interface for a threat actor to compromise.

For me, the potential risk of running WordPress vs a static site is what's important here. By using strong passwords, multi-factor authentication and good InfoSec hygiene, the potential attack surface of WordPress is significantly reduced.

But a static site is WAY quicker!

Is it though? You may have noticed this website is pretty darn quick. I've done some simple optimisations to make it run very quickly, even under heavy load. As a test, I wrote a static version of my site in HTML/CSS and compared the performance with WordPress.

Spoiler: there wasn't much in it.

A well optimised static site is probably going to out perform this site, and most of other sites for that matter. But it won't be by much, and a fraction of a second is hardly noticeable when it comes to a person's experience visiting a site.


If you use a static site generator, more power to you. For me though, I like that barrier to entry to be as low as possible. I like that I can log into a website, edit a post, then publish it.

GUIs are easy. Yes a terminal gives more control, but when the only thing you need to do is write a post, is a terminal not just making things overly complicated? I think so.

WordPress is far from perfect, but it works for me. If using a static site works for you, that's great. It would be a very boring world if we all liked the same thing. 🙂

Note: I've got nothing against Brandon, I think he's a great guy and I enjoy his content on Fosstodon - this was just a good example of an issue I perceive with static site generators.

Reply by email

Want more content?

Say no more, dear reader. Here's three random posts from this blog for you to peruse:

My First Wet Shave in 15 Years
29 Oct 2023

Why Are Newsletters So Painful?
25 Apr 2022

Why I Hate The Tux Linux Mascot
23 May 2021

← The one before
Why Having A Full Post RSS Feed Is A Good Idea

Up next →
Implementing The IndieWeb Into My Website

Enjoyed this post?

I put a lot of work into maintaining this site and I really enjoy interacting with my readers.

My fuel of choice is coffee, so if you did enjoy this post, or found it in any way useful, I'd appreciate more fuel to keep me going. ❤️

Buy me a coffee