Why I Ditched Wordpress to Save My Music Release and What I Did After

I’m a Chapman Stick player turned web developer. I’ve had a Wordpress site for my Electronic Prog-Rock music project since 2014, much before I started my career as a web developer in 2017. Since becoming a developer, I’ve wanted to rebuild the website but, a combination of time, lack of design chops, and a bit of ignorance of how to migrate all the plugin tools Wordpress provides delayed my project.
Preparing the release
A couple of weeks ago, I was preparing a new EP release after four years. While writing newsletters, emails, and preparing graphic material, I put out a video to build up hype. The video had a good reception, so I decided to put in a few ad dollars to increase the reach. Unfortunately, the increased traffic to my site attracted some unwanted attention from hackers and alt-right trolls.
My Wordpress site had been hacked before, about 6 months ago. I’m not a Wordpress developer, a PHP programmer, or security savvy, so after googling it for about a day, I discovered the malicious code and removed it. Nevertheless, I knew I hadn’t discovered the underlying vulnerability. Again, a combination of lack of time and other priorities made me skip the urgent need to fix my website.
Hacked Site
Shortly after releasing the video, I got a message from a fellow musician: “Hey man, someone hacked your site. I see porn on it”. Shortly after, I get an email from Google, saying it flagged my site. All I could think is: I’m f****ckeeed!
Not having a website before an album release is a problem. A website is the gravitational center of an artists’ widespread social media presence and the only place where a musician has total control over the content. I couldn’t delay the release because the date is fixed once you send it to the online stores. There was no turning back, I had to fix this issue fast.
At this point, I had two options. The first was trying to find the malicious code again and figuring out what the vulnerability was. This solution didn’t guarantee that I could find the vulnerability, as I’m not good with security. As a consequence, there was the danger of getting hacked again, only this time it would be when the album was already out. The other option was rebuilding my website outside of Wordpress. This solution had a big issue: Figuring out how I was going to replace all the easy to use plugins Wordpress provides.
After thinking about it for a whole morning, I decided to build the site myself.
How I replaced Wordpress
My first idea was to build a temporary static website in good old HTML and CSS. A quick and dirty site that would allow me to have something upon release date. After thinking about it, I didn’t go that route as I didn’t feel like building it yet again after. I wanted something I could keep improving later.
Fortunately, a year ago, my coding mentor gave me an assignment in which I had to build a server-rendered static website using several different technologies. These included a headless CMS, React, and Netlify. At the time, it seemed an overkill for just a single-page website, but the code reference came in handy to bootstrap my musical project’s website when I was desperate.
Here’s a short explanation of the technologies I used and how I integrated them to replace my Wordpress site.
Sanity.io: Content Management System (CMS)
Sanity.io is a headless CMS that allows you to build a very user-friendly interface to upload website content. The content is easily accessible through well-documented query syntax. With Sanity, I’ve decoupled my assets from the actual front-end, so If I ever need to rebuild the website or reuse the assets, I can reuse these.
Nextjs: React Front-end
Using Nextjs I can build my site in React and render it on the server. Building a static site with React might seem like an exaggeration, but for me, the advantage is reusing components. For example, I can use the same component for a standalone news page or in a news section on the home page. Also, it helps me keep my React chops up to date.
Netlify: Hosting and deployment
Deploying with Netlify has allowed me to build a static site directly connected to my GitHub repository. Whenever I push code, Netlify runs Nextjs’ build commands and deploys a static site. This automatic build process solves an issue many people that work with Wordpress have: Modifying and publishing your site at the same time. Now I can make all my modifications locally before pushing them.
Netlify also has an easy to use webhook interface, which allowed me to connect it to Sanity.io. Now, any time I publish new content, the site rebuilds immediately. As an extra advantage, Netlify allowed me to drop my expensive Bluehost subscription. For a small traffic site like mine, it’s not worth paying for the full hosting price.
Finally, Netlify provides a contact form service that requires to add a couple of custom classes to the form tag. Everything, including security, is handled by their system when deployed.
Mailchimp: Newsletter and sign-up
MailChimp has a much more complete mailing list service and cleaner interface than the one I was using as a Wordpress plugins. Inserting a subscription form is quite easy. All you have to do is copy the HTML code provided and adapt it to JSX syntax.
Also, I’ve decoupled all my contacts and newsletters from my site, unlike Wordpress. If I ever get hacked, I won’t lose access to the newsletter feature.
Bandcamp: Album sales and digital downloads
Before, I had an online store set up in my Wordpress site. Having Bandcamp handle sales and money transfer has been a relief. Of course, not having a store on the website is not as nifty. Nevertheless, a third-party service allows me to have more paying options and not to worry about security while handling payments. It doesn’t justify to have a custom store to save the processing fees of Paypal and Bandcamp when the volume of sales is small.
Advantages of ditching Wordpress
I’m thankful of the Wordpress ecosystem for allowing me to have a website for many years, but I’m thrilled I finally could escape its limitations. Combining several services has allowed me to have greater control of my online presence. 
I no longer depend on a third-party theme, don’t have to deal with the Wordpress interface, and can separate the development from the deployment process. 
Finally, decoupling services makes it easier to get back up running if I get hacked again.
Thanks for reading! Visit my website and check out my new release www.rafartmusic.com

Tags

Comments

October 22nd, 2019

Obvious question- you didn’t have a site backup you could just restore and build from again?

More by Francisco Rafart

Topics of interest