📅 16-05-2019 • Δ 10-06-2019
A technical comparison between Drupal 8 and Wordpress 5
By creating my website in Drupal 8 and WordPress 5, I got a good overview of the differences between these 2 CMS platforms.
Drupal
WordPress
Considered enterprise level. It's a lot more complicated than WordPress and it has a steeper learning curve. Very technical to configure, update and program.
User friendly, less complex.
Use the default theme or activate a free or non-free theme and you are ready to go. To create a theme from scratch, you need programming skills in PHP.
+/- 1.9% of the internet (2019)
+/- 34% of the internet (2019)
Each individual (content) page is named a 'node'. Each node belongs to one content type.
Standard content types:
- Basic page: static pages. Has a title and body text.
- Article: content that is updated more frequently. Has a title, body text, an image, tags and comments.
You can create custom content types with custom fields. (Structure / Content types)
Page types:
- Page: static pages
- Post: blog pages (updated more frequently)
Custom fields can be added. It’s less flexible than Drupal. All custom fields are available on all the pages with combo boxes where you select the desired fields.
The layout of the website is defined in a theme. (YAML, twig templates, (very little or no PHP))
In its simplest form, you define page layouts in Twig templates containing HTML code, CSS, JavaScript and Twig syntax. In Drupal you link theme blocks (Twig page elements) with content. (Structure / Block layout)
The layout of the website is defined in a theme. (PHP, WordPress API)
Page layouts and content is programmed in PHP files. You loop through data with WordPress API functions.
Hooks are needed to give some pages another page layout (landing pages). To create specific Theme Hook Suggestions.
WordPress has a very complete built-in template-hierarchy naming system.
New functionality can be added with modules or (self-written) custom modules
New functionality can be added with plugins
All custom programming is done with custom modules. These are written in modern coding standards. OOP, render arrays, dynamic queries, hooks, YAML, routing, ...
Custom pages written in PHP can be saved in the theme folder. A WordPress page with the same title name creates a route for this PHP page. The body can stay empty.
Native support to define views (a selection of fields, sorted)
No core support
Switch between editing in preview or HTML code (=source)
Editing in
- Gutenberg = the page is divided in blocks. You can edit in preview mode or source code that consisting of HTML and specific WordPress syntax.
(The Gutenberg editor has ‘custom html’ blocks that have no preview)
or
- Normal editor: editing in preview mode or source code (html). Html code is automatically modified. Ex. <p> without attributes and <br /> are removed and is replaced with empty lines and new lines.
Editing in preview is not equal to WYSIWYG
Editing in preview is not equal to WYSIWYG
Set URL aliases manually or use a module like Pathauto. Hierarchy is defined by the URL name field. ex. /scale-model/cutty-sark
Aliases are named slugs. They can only have one word. Ex. scale-model.
For hierarchy:
Use automatic URL naming for posts.
Pages can be structured by liking it to a parent page
Performance settings out of the box: CSS and JavaScript can automatically be minified.
Built-in caching (1 day or hours) (in configuration / performance)
No native minify and caching.
Built with PHP, Symphony, Twig
Built with PHP
A revision can be created manually when saving (checkbox: Create new revision)
By default, uses:
- Autosave interval of 60 seconds
- Creates post revisions after a modification/deletion. One per post/page per user.
To permanently delete revisions, use a plugin like WP-Sweep - Heartbeat: at regular intervals, communicates between server and client browser (ajax). Used for auto saving, session management, revisions, …
It can be disabled with a plugin or in functions.php
Updating a module or Drupal is done manually or by script.
Updates for plugins and the WordPress system can be done automatically.
Brute Force Attacks
Account locked after 5 login attempts
Login isn’t locked out after multiple wrong attempts.
The REST API must be activated and configured manually
REST is active by default.
Disadvantage of a frontend CMS platform
Performance: if the website doesn't have many visitors or has a very good caching system, the server load can be managed better.
It still has lots of points of failures because of the many layers.
Ex. Drupal: web server / PHP / Symphony - Twig / Drupal layers / database & RDBMS / modules / caching, interfaces (REST, ...), updates, security, ...
Another modern web development architecture is JAMstack. Here it is possible to use a CMS for backend functionalities and static generated pages at the frontend using client-side JavaScript and APIs for interactions (comments, authentication, e-commerce, ...)