Static websites? Isn’t that old-school? In the early days of the web, all websites were static. Today, turning your dynamic WordPress site into a high-performing static one might be a viable option for you. Visitors get a super-fast browsing experience, while content managers continue to use the WordPress authoring experience and plugin ecosystem. Hackers have next to no surface area to attack, because the only public-facing resources are static pages. We asked Miriam Schwab — an expert on static WordPress sites and CEO of Strattic — to uncover the secret powers of static websites.
Why would you want to turn a dynamic site built with WordPress into a static one?
When we started building websites in the early 2000s, they were very much static. That’s why we often describe the shift to static websites as coming full circle.
A static website has several significant advantages:
1. Speed. Static sites are generally faster because every page is prerendered – with no underlying processing server, no database queries, and no PHP processing, the pages can be quickly served to the user. Another way they’re faster is that every page can be served up through a CDN. In your standard dynamic site, only the static assets like images, CSS, and JS can be CDNed. The actual HTML pages, however, cannot because they are virtual.
2. Security. Your standard dynamic website has a big attack surface. Every layer from the Apache server to the MySQL to every plugin installed on the site are potentially vulnerable. It’s hard to make sure all the holes are plugged, all the time. With a static site, there’s barely anything to breach.
3. Scalability. Supporting a high-traffic site is costly and can be complicated. And even when you do that successfully, a spike in traffic can seriously slow down a site and cause issues. Static sites scale effortlessly. One of our customers got in the press and their traffic increased ten-fold, and we didn’t feel it at all! The site scaled, and not only that – got faster. That’s the weird thing about CDNs – sites get faster the more traffic they get.
4. Less management and maintenance. With a dynamic site, there’s a need for regular maintenance, like upgrades, security tweaks, speed optimizations, etc. Not so on a statically generated site (this comes back to the above points).
We repeatedly hear from people who have gone the full static route (also known as Jamstack) that they end up spending a lot of time coding to manage the content on their sites. Also, the stack for non-WordPress static sites is very diverse and constantly changing. Every static site needs a CMS, static site generator, storage, CDN, and even version control. And for each of those layers, tens if not hundreds of solutions exist. With WordPress, you get most of that in one system. You need to take care of the static layer separately. For this, you can use a plugin, or an end-to-end platform like Strattic.
Surely there are disadvantages?
The disadvantages are that some types of functionality won’t work out of the box on static sites. You need to put in some work to make it static-compatible. Sometimes it’s simple to make a site static-ready, but sometimes it’s quite complicated.
Also, it’s a new paradigm and requires a bit of a mind-shift in terms of how you manage your site. If you use your own static publishing plugin, you need to configure the whole environment from the WordPress hosting to the static storage to the CDN. You have to make sure it catches every page, redirect, image, et cetera without crashing the server.
On Strattic, we automatically replace a lot of traditionally dynamic functionality with static-friendly solutions. For example, if you have search on your site, we replace it with Algolia-powered search without you having to do anything and we support WP form plugins like Gravity Forms and CF7 out of the box. However, our different approach to security means that you need to enter additional credentials to access your site.
Also, publishing your changes to your live static site involves an additional step: first, you publish your content on the WordPress site, and then you publish it to the static site, which can take a few minutes to go live. It’s just one additional button, but it’s a different flow.
And the potential benefits in terms of SEO?
There are potential SEO benefits from running a static site since they tend to load faster. This, of course, can lower bounce rates and improve conversion rates. In addition, they are extremely difficult to hack. Sites don’t risk being delisted from Google’s search index for malware and the like.
In general, running an SEO-friendly static website is the same as a regular WP site. So, make sure you have good content, titles, meta tags, links, etc. Ideally, a statically generated site can also optimize using an amazing tool.
How fast does a static site get and what else do you need to get the most out of it?
The speed improvements depend on how you built the site, and where you are hosting it. We have seen speed increases of up to 20 times faster, but running accurate speed tests is challenging. Sometimes, the numbers don’t reflect a huge speed increase but the site feels way faster for users. After visiting one page on a site, every subsequent visit feels nearly instant.
Also, all pages on a statically generated site can be served up completely via a CDN, including the HTML pages. The content pages on a standard WP site don’t actually exist as standalone files: they are virtual pages that are generated upon demand. So, in that case, the files that can be served via a CDN are only the static files like images, video, JS and CSS. A user accessing a content page depends on it reaching them from the physical location of the WP server, which in many cases can be pretty far. This could be a visitor in the UK trying to view a site hosted in Texas. All of the pages in a static site exist as standalone files, including the content pages. The system prerenders these as HTML files, so it can served them via a CDN, also making them faster for people around the globe.
As you said, security is another major advantage of running a static WordPress site, right?
Yep, exactly, security is definitely a major advantage of static sites. Your standard WP site runs on a LAMP server. Every layer of that server has potential vulnerabilities, from the operating system to the MySQL to the PHP. Then on top of that, you’ve got the WordPress site which is running many plugins. All these plugins could need a security update at any time. Every minute it takes for you to update the site opens a window of opportunity for the armies of hacker bots scouring the web looking for these known weaknesses.
A static site is essentially just a collection of files. There’s no processing or querying going on, so there’s basically not much to hack. On Strattic, we decouple the original WP site from the public-facing site. Then, we store it in a container that shuts down when not in use, and is only accessible to Strattic-authenticated users. As a result, owners of statically generated sites can sleep better at night.
Let’s say you have a good use case for building a static site with WordPress, where do you start?
Users have a few options of how they can build a static site with WordPress:
1. You can build a headless WordPress website. That means the WP admin is used purely for content management and not for the frontend. The frontend gets the content from the WP Rest API or WPGraphQL. This is a pretty complicated way of building a site since you would need to build a frontend that ties into the content management. Then, you have to keep creating new connections as the site develops. It also makes using Gutenberg blocks, or Elementor, or almost any plugins that impact the way your site looks more difficult and sometimes impossible.
2. You can build your site in WordPress as usual (themes, plugins, and all) and then use a platform that specializes in generating a static version of your site. Like Strattic, for instance. We take care of the entire environment, and support important WP functionality that might otherwise be complicated to get working on a static site. Some examples are Yoast SEO, search (we replace native WP search with high-quality Algolia powered search, out of the box, for all our users), WPML, Polylang, 301 redirects, password-protected pages, scheduled posts, Gravity Forms, Contact Form 7, CoSchedule, and more.
To recap, what are your 5 top tips for people who want to launch a static WordPress site?
2. Research the available options for hosting and publishing static WP sites and see what works best for you.
3. Make sure you are using static-friendly tools. For example, third-party form systems like TypeForm, Marketo, Wufoo, Hubspot, MailChimp etc. that feed form submissions directly to them are great. If you are using Strattic, you can also use Gravity Forms or CF7 – WordPress form plugins that don’t work on static out of the box, but we support them on Strattic. You can see many examples of tools you can use to replace traditionally “dynamic” functionality in our Static Tools Directory.
4. Test your static site thoroughly before launching it. Strattic offers a free trial and you can migrate a copy of your site over and publish it to static, prior to connecting your website domain. Also, all Strattic users get a static Preview site in addition to the static production site. Even once you connect your domain, you can always test your WP site first in the Preview static environment to make sure everything looks ok before deploying changes to your live site for all to see.
5. Celebrate being part of an exciting trend that helps ensure WordPress’ future for all! ????