Scaling WordPress to The Enterprise

WordPress is by far the most used software platform powering more websites than any other platform by a massive magnitude of almost 10 to 1. According to Builtwith WordPress powers almost 20 million websites, compared to only 2 million for the second leading platform Joomla, which is clearly decreasing in usage.
Unfortunately for WordPress specialists like us, we find there is still a major stigma that WordPress is only used for small business websites or blogs when that could not be further from the truth. We have worked with major corporations on WordPress projects and successfully scaled WordPress to massive traffic heights, complex use cases, and have not had issues with scaling. It’s time more and more businesses view WordPress as a scalable long term tool to grow their business on.
Here are some of the major areas to look into when scaling WordPress.

Performance:

The most important thing you need to do when scaling any application is to make sure it can handle large traffic volumes, concurrent users, form submissions, etc. WordPress is proven to power some massive sites including the popular website Wine Enthusiast Magazine built by Trellis so it can perform at a very large scale!
There are many ways to scale WordPress and major hosting companies like WPEngine, Pantheon, Liquid Web, and of course, Amazon Web Services can scale WordPress to millions of users. Pantheon built a website https://www.scalewp.io/ to help the community around WordPress learn how to scale to handle massive volume.
When it comes to performance I would make sure to leverage a high-quality developer or development team that has experience scaling WordPress performance as well as a hosting company like Pantheon that can scale WordPress on the infrastructure side. I would have a developer or hosting company help you get full page caching, Redis or Varnish Caching, indexing, and other performance architecture in place so that the website is not constantly querying the database for everything.

Security:

Security is probably the biggest reason many larger corporations are afraid to go the WordPress route. This is incredibly false. WordPress core is incredibly secure, it’s simply pitfalls in managing and maintaining a WordPress site that make it seem insecure.
The main way people get hacked is by brute force attacks against the user login at /wp-admin and guessing usernames and passwords. If you create a user in WordPress, it automatically generates a secure password that can protect against this. You can also lock out your admin panel or change the URL to make the admin panel access more secure.
There are also security plugins like Wordfence that work incredibly well, that will block attackers from trying to guess passwords and other types of hacker attempts. There are also many guides on WordPress security that can help you from getting hacked.
Most importantly I would focus on keeping your plugins to a minimum and keeping both the core software and plugins updated as frequently as possible, which combined with good passwords should lead to minimal if zero security issues. A good WordPress hosting company can also help ensure any issues are thwarted quickly.

Plugins:

As you grow your WordPress site into the enterprise, you will most likely need more and more plugins. This can become very problematic as plugins are third party code that is not always well maintained or play nicely with scaling, other plugins, theme customizations, and any other custom things you are doing to the WordPress software.
My suggestion is to keep your plugins very lean and be very careful about which plugins you add to the site. You really only need a handful of plugins to build a pretty large site.

User Permissions:

User permissions are often a concern for larger enterprise organizations since they don’t want anyone and everyone to be able to access everyone on the software. There are several user permissions in WordPress so you can dedicate some users to only be able to do very basic tasks like writing a post, but not even publish or edit other posts. It’s also possible to customize the user permissions via plugins or custom code to create even more flexibility if you need to do so.

Development Operations:

Just like with any website, you should be following development operations best practices to scale to the enterprise. With WordPress, you can easily create a repository on Bitbucket or Github and setup a staging environment for live testing. Platforms like Pantheon and WPEngine can help with this so that you have proper development operations moving forward.
There are also many other development operations tools that can help you speed up delivery of new features like Docker and Codeship you may want to explore.

Design / Theming

If you are building for the enterprise, you will most likely want to have a modern design and theme that can scale. I would highly suggest not using a prebuilt theme on Themeforest or one of those theme builder tools. Those seem to break and fall apart quickly as you try and scale your website.
I would look into building a custom theme off some sort of infrastructures like FoundationPress or Sage. This way you are building a scalable frontend architecture that can be custom designed and improved as you grow the website. You can also update the core theme files of Foundation or Bootstrap to improve the responsive framework.

Content Architecture

Your content architecture goes hand in hand with the theme. By default WordPress simply has Posts, Pages, Categories, and Tags. You can actually create unlimited Custom Post Types, Custom Page Templates, and custom taxonomies for other types of data outside of categories and tags. It’s important to think about the best ways to customize your content in the admin panel as you scale your site, so the more you can play out the architecture up front, the better you will be.
There are also ways to leverage plugins like Advanced Custom Fields to build flexible page templates and post types so that you can control some of the look and feel via the backend. This is a great way to empower your marketing team without taking too much development time.

Integrations:

Integrations are a great way to allow your business to scale and larger organizations typically need this. WordPress has very strong API’s that are constantly improving so that you can integrate with other platforms such as single sign on functionality for other systems, and much more.

Multi Site:

Larger organizations typically need multisite functionality in that they have many different sites. This can help them scale multiple sites without the overhead of multiple infrastructures. WordPress can support multisite, but it’s best you think about the architecture of multisite before hand, as it’s more difficult to redesign your site for multi-site after the fact.

Functionality / Custom Plugins:

WordPress can support a wide range of functionality through custom development and plugins. It’s possible to custom develop almost anything via WordPress because it is simply an open source software that you can mold into whatever you want it to become. However, the more you customize it, the harder it will be to maintain version upgrades and plugins. Therefore it might be best to create your own custom plugins depending on the situation. Custom plugins will help isolate custom functionality so that if your plugin breaks something you know it is isolated to that plugin rather than affecting many areas of the site.

WordPress as a Backend:

There is a push for modern Javascript frameworks like Angular and React to take over frontend, and even more backend development. It’s possible to use WordPress simply as a content backend system to easily manage content so that marketers can add blog posts, new pages, and other types of content with ease. With the WordPress API’s you can now do this and use a modern framework like Angular or React to power the frontend.
***
For help planning or building a WordPress site for the Enterprise, please don’t hesitate to reach out to us at hello@trellis.co!