"Would read this again"
I'm giving this thread a 5-Star review.

Yea also important to note Wordpress' reputation has changed over the years. The plugin ecosystem around it I always thought was very good. If you're a small vendor looking to differentiate yourself, rolling your own CMS isn't the place to start. Wordpress works just fine. More importantly, dealers are paying for this service, so it shouldn't even be something they're too worried about. Let the developers and "site flippers" take care of that stuff.

Carsten said:

I have been toying with an idea to try to get into the dealer websites.

Click to expand...

@Carsten thanks for the backstory. DDC is Dealer.com who is an OG dealer website provider within automotive. All of our OEM program websites are on their platform because we are forced to select from a list of providers. The game for any vendor (website, widgets, agency) within auto is to get a certification from an OEM to be able to "pay to play" and be allowed to actually build websites for franchise dealers. @csabatka1 can tell you how that looks. We just recently caved to Kia and moved from his WP sites to two more DDC Kia sites and they suck compared to his BUT there is a lot of money that dealers lose by not falling in line with an OEM program provider.

As far as WP, I think the reaction you're getting is because you're reducing it to only fools or those asking for a good hacking would use WP. One of the largest providers of websites for auto is DealerInspire who builds on the WP platform. They sold to Cars Inc for $140M give or take in 2018 so they were doing something right as well as they have the majority of OEM blessings to be able to sell websites to dealers. There are plenty of other vendors in the forum that have been hacking their way into automotive retail for years. I would seek them out to learn where your time breaking into the industry is best spent. You are right, it isn't in a DMS lol

Carsten said:

Just for AI giggles.

hey ChatGPT!
how secure is word press ?

ChatGPT:
WordPress can be secure if it's maintained properly, but like any web platform, it also has vulnerabilities. Here's an assessment of WordPress security:

Core Security​

• Well-Maintained: The core WordPress software is actively maintained, and security patches are released regularly.
• Security Team: WordPress has a dedicated security team that collaborates with the global community to identify and patch vulnerabilities.

Potential Vulnerabilities​

1. Plugins and Themes:
   • Third-party plugins and themes can introduce vulnerabilities if not properly vetted or maintained.
   • Outdated or poorly coded plugins are a common source of security issues.
2. Brute Force Attacks:
   • The default WordPress login page is a frequent target for brute force attacks.
3. User Roles and Permissions:
   • Incorrect role assignment or permissions can lead to unauthorized access.

Best Practices​

1. Keep Software Updated:
   • Regularly update WordPress core, plugins, and themes to the latest versions.
2. Use Trusted Plugins/Themes:
   • Only use well-reviewed plugins and themes, and remove those that aren't actively maintained.
3. Security Plugins:
   • Install security plugins like Wordfence or Sucuri for enhanced protection, including firewalls and malware scans.
4. Strong Passwords:
   • Use strong passwords for all accounts, especially administrators.
5. Two-Factor Authentication:
   • Enable two-factor authentication (2FA) for additional login security.
6. Backup:
   • Regularly back up your WordPress site to ensure you can restore it in case of an attack.

Summary​

WordPress can be secure if regularly updated and maintained, and if best practices like strong passwords, secure plugins, and backups are followed. However, it's not immune to attacks, especially when users neglect updates or install vulnerable plugins.



NOTE:
I do agree with the statement that any site can be vulnerable. You also need to stay up-to-date with the coding language and server versions. Word Press is just notorious like Windows because end users don't stay on top of updates.

Click to expand...

Those issues are all end-user issues, not WordPress issues. I'd compare all of these to buying a vehicle, not doing oil changes, leaving your windows down, keys in the ignition, and doors unlocked while parking at Wal-Mart. Is that the car's manufacturer's fault when something happens or the end-user?

WordPress in itself is a secure platform, it's the end-user who makes it vulnerable.

The sheer volume of WordPress sites makes a hack seem more extreme than another platform. 800+ million sites are currently running WordPress, Shopify is next with around 70 million websites. Why wouldn't hackers attempt to exploit WordPress? That's like fishing in the ocean vs a farm pond trying to catch the biggest fish.

Carsten said:

@Dan Sayer

For the vendor thingy, I didn't really know what to choose when I signed up here and vendor seemed the most fitting since I am working on my own proprietary system. Obviously, I have a lot to learn and I'm always willing to learn.

As for what I would recommend:
Make sure that WP is updated religiously and that you have daily backups of your DB and if you don't monitor your site daily, then make sure that you have a backup of your data on timely basis in case you do have to roll back your db. But chatGPT also mentioned this.

Migrating to another platform most likely doesn't make sense until it happens. You did say you have been clear so far of carnage, so why change?

For replacing WP, I'd need to ask a whole slew of qualifying information questions since you didn't mention why and what for you use WP. What's your use case?

Click to expand...

We're not planning on replacing our WP sites. You were highly critical of using WP so I just wondered if you had an opinion of another industry automotive website platform. We are using DDC for our "have to have" OEM sites but bury them when able. We did just replace our two WP Kia sites because the co-op incentive and incentive was too great to not just go with a Kia provider. What proprietary system are you working on @Carsten? I see you active on DR and wondered what your experience was and assume you are working on something for the automotive retail space?

Isn't DealerInspire based off the Wordpress platform?

Carsten said:

You are like one of very few people that I have come across who have gotten away without having an issue.

Script kiddies learn on WP sites.

This is just a well know fact in the coding world.

You really need to stay on constant updates for WP and make sure you have Database backups.

I can provide some phone numbers for friends who took the easy way out and later got hit.

Services like Wix do great because they monitor like crazy.

Click to expand...

What would you recommend we do @Carsten? Migrate to another platform? What is your background in this area? I see that you're a vendor but the company site listed in your profile is not active.

Tesla!

Chris Vitale said:

the automotive industry is at a crossroads. It can either continue with its antiquated ways or embrace a new paradigm that values transparency and efficiency

Click to expand...

Full transparency changes the structure* of negotiation.
*& it's rewards

BillKVMotorCo said:

Then I realized I didn't like Air Traffic Control

Click to expand...

"ATC is pushing tin... hours of boredom followed by moments of panic"

Chris Vitale said:

As it should be...

Click to expand...

Like anything the FTC or government is involved in, it starts with good intentions and evolves into loads of bullshit, with a little 1/32 carat diamond in the middle.

I'm fully in favor of full transparency regarding pricing, fees, add-on's etc. But that's not all this "rule" does.

How about we make a deal @Greg_Gifford - I won’t tell you how the SEO business works and you let me continue to fight the good texting fight in the way hard years of experience have taught me

Greg_Gifford said:

but... it's a link in a text message. They don't need to type it in or remember it, they can just click the links. who cares if the link is bestaudidealerinvirginiabeachthatsbetterthanalltheotheraudidealersinviginiabeach.com?

but yeah, if you have a long URL and you think people would care, just use a URL shortener. Why go spend $1500+ a year to have a .dealer or .cars TLD when you can use bit.ly for free?

plus, there are massive SEO implications for switching your domain name to something else for non-SEO reasons...

Click to expand...

LOL -- #truth on the URL length. But a short URL does "look" nicer.

I think I have the shortest URL -- Press1toTalk is P1TT for short. I got the domain p1.tt - but primarily use it for shortener and redirects, and to shorten my email.

I think it comes down to cost vs benefit. .tt domains are $100/year -- no brainer. .dealer domains are $4000 a year - harder pill to swallow.

Greg_Gifford said:

but... it's a link in a text message. They don't need to type it in or remember it, they can just click the links. who cares if the link is bestaudidealerinvirginiabeachthatsbetterthanalltheotheraudidealersinviginiabeach.com?

but yeah, if you have a long URL and you think people would care, just use a URL shortener. Why go spend $1500+ a year to have a .dealer or .cars TLD when you can use bit.ly for free?

plus, there are massive SEO implications for switching your domain name to something else for non-SEO reasons...

Click to expand...

People are super cautious about what they click on in a text message, and there are character restraints. Nothing I'm speaking of has anything to do with SEO.

DrewAment said:

So close to pulling the trigger....

View attachment 8851

Click to expand...

Now that's funny

We are a .dealer client. I think some vendors should take notice as this is a great way to get a URL that can be used for your dealer clients. Although we haven't put it into practice yet, that is our plan for the .dealer string. It is far easier to use a shortener in a text message like vb.audi.dealer than it is to use audivirginiabeach.com for example.

I get it. Making cold calls to dealerships is a grind. Sometimes, you have to change things up to relieve boredom.

Buuuuuuuuut... that ain't the way!

Thanks for sharing, Aimee. This is the perfect place to put this, as many vendors watch DealerRefresh. Regardless of whether anyone at Milestone Marketing gets this, others will heed warning from your experience

Greg_Gifford said:

people immediately recognize the purpose of your site.

Click to expand...

So close to pulling the trigger....

JDHigginbotham said:

Thank you for your participation, Drew. Great points.

1. What is your sentiment on the experience/capability you have with where you listen to calls today? What platform do you use to listen to them? What is missing?

Click to expand...

My overall opinion:

All the call recording.tracking companies do the basic function of listening to calls all the same. I don't know of a "perfect" system. I personally believe that a lot of the "scoring" systems need to be able to be personalized based on the dealer needs.

We are "over alerting" our managers with emails/texts/popups, etc. I had one desk manager tell me that she received WAY TOO MANY "alerts" to keep on top of them all during her day. Over ~140 emails and ~50 texts a day to filter through according to her.

The person that performs badly on the phone consistently will do so day after day. IMO = Spending a scheduled ~15-20 min listening to 10 random calls a day will tell you the same thing as filtering through and wasting time trying to keep up with all the alerts, dashboards, logins, etc etc.

On a side note: I have looked at most, if not all of the systems. CarWars, CallRevu, Marchex -- etc etc etc. The incentive structure on those programs and keeping the dealership signed up are dependent on sending alerts, and saying you are doing a bad job == scare tactics. Just look at a recent OEM change with their call tracking provider causing fail call rates to go UP. Was that change made because we got to good on the phones? Fail rates were down? Needed proof that we needed them? Yes, a little conspiracist.

BillKVMotorCo said:

The exhausting reality of overposting AI bots.

Click to expand...

No - that's pure Vitale there. I'm scared to think of what would happen if Chris used a bot

Carsten said:

Use WordPress if you want to be a hacking target.
Adding plugins is like buying oil at Dollar General. They may work ... but good luck!

ecommerce is always going to look stale to some extent. Amazon hasn't changed much over the years.

Click to expand...

State your case and examples on the hacking comment @Carsten
We've been running WP sites since 2010 and been able to avoid hacking.
@jeffspreen I can put you in touch with our WP dev if you'd like. DM me if you want his contact information.

GrayScott said:

I have a tool I created with a friend that does just this. It will work to remove your negative reviews that you may struggle to have removed

Click to expand...

@DaveNovotny I book marked Gray Scott's DR podcast. It's bad ass
Login to view embedded media

Alex Snyder said:

If the FTC gets their way, transparency will be forced on dealers overnight.

Click to expand...

"just get them in here" is ​

I have seen Alex Snyder's FT mock of fully embracing the FTC compliance mission. I am pounding the table, this rule will like turning on a light in a dark room... the cockroach dealers will run for their lives, the pioneering dealers will embrace it.

I believe it will create a more informed internet shopper, which will create less distrust and less friction in the sales process.