Posted by: Eric Hansen
Should you run a dynamic or static website? Its typically a tough call. Dynamic sites offer a lot of functionality that, for obvious reasons, you don’t get in a static version. However, there are some things to consider:
1. Dynamic sites end up giving a lot more overhead and resource usage from your server (not good if you plan on running multiple sites on one server)
2. Static sites, while may not have search functionality, can still provide other options like a tag cloud (just make sure you use good tags is all)
3. Dynamic sites are more vulnerable to security issues opening up a flood gate to hackers entering your server
#3 is the biggest concern I have. WordPress, for example, is an amazing piece of software for blogging…and now website management. Its not hard to install a theme, plop a plugin or two in, add some pages and make a blog post welcoming the world. Static sites, however, can be very tedious to work with, even if you template-ize the whole thing (i.e.: put common code in separate files and include that at run time).
What does that have to do with security? Everything. WordPress has been hot under the gun lately for some security issues, as well as Drupal having some issues not too long ago (though not with their software…yet).
In rebuilding my business’ website, I had to sit down and really think about what was used and not-so-used. I didn’t make a lot of blog posts, no one commented, and for all intents and purposes the page design broke in different instances. Basically I had a set up that was using around 50MB of RAM (Apache2 + PHP + MySQL), powering WordPress, and was doing nothing that its intended for. So what if I cut all that down?
If someone wants to comment, I have Disqus available. Now the main focus on the site is not about blog posts, but about what my business offers. I can still use Apache, but why? Sure I might need it for my CMS (client management system), but my website won’t need it. Install Nginx, have that serve the static content, off-load everything else to Apache via proxy and be happy. Apache won’t be trying to do so much with the disk and resources now, and I’m able to improve speed performance by not running my rarely-modified files through a pre-processor (i.e.: PHP).