The website nobody dares to touch
It cost NOK 15,000. The agency delivered in three weeks. Everyone was happy.
Six months later the contact form works intermittently. The site takes four seconds to load. Marketing wants to change a headline, but the developer says it'll take two days because "Elementor makes it difficult." And nobody remembers the password to the hosting account.
Sound familiar? Then you're sitting on technical debt.
What is technical debt?
Technical debt is shortcuts taken during development that create future costs. In WordPress, that means:
- Off-the-shelf themes with code you'll never understand
- Plugins that do half of what you need while loading 200 KB of JavaScript you don't
- No version control — changes are made directly in production via FTP
- No staging environment — you test in prod and hope for the best
- No automated tests — you discover bugs when customers complain
The debt is invisible at first. The site works fine. But with every shortcut taken, the cost of making changes later increases. Eventually nobody dares update anything, because the risk of something breaking is too high.
The usual culprits
We've seen hundreds of WordPress sites with technical debt. The pattern is almost always the same.
Elementor and WPBakery
Page builders like Elementor and WPBakery solve a real problem: they let people without coding skills build websites. The problem is what they do under the hood.
A typical Elementor page loads 300-500 KB of extra JavaScript and CSS. Even on pages that don't use Elementor functionality. Every widget element generates nested HTML that's hard to style, hard to maintain and impossible to migrate. You're locked into Elementor forever.
Gutenberg (WordPress's built-in editor) is a better choice. With custom blocks, editors get a flexible experience without the performance penalty.
20+ plugins
Every plugin is a dependency. A new attack surface. A potential conflict with the next WordPress update. And yet another thing that needs maintaining.
We regularly see sites with 25-40 plugins. Three of them do the same thing. Five haven't been updated in over a year. Two have known security vulnerabilities.
Our rule: if it can be solved with 50 lines of clean code, that's better than a plugin. Custom plugins built on WPFluent do exactly what you need, without the baggage.
FTP and no version control
If the only way to deploy code is to FTP files to the server, you have a problem. No history of who changed what. No way to roll back. No code review. No automated tests.
Modern WordPress development uses Git, CI/CD pipelines and staging environments. Code is tested before it reaches production. Deployments happen automatically on merge to main. No FTP, no surprises.
PHP 7.x on shared hosting
PHP 7.4 reached end-of-life in November 2022. Yet many WordPress sites still run on PHP 7.x. The hosting provider offers it, and nobody has asked for anything else.
PHP 8.4 is significantly faster, more secure and has better error handling. FrankenPHP Worker Mode delivers response times under 200 ms. Shared hosting with PHP 7.4 gives you 3-5 seconds.
What technical debt actually costs
The cheap website is a calculation that never adds up. Here are the real costs.
Security incidents
WordPress accounts for 90% of all hacked CMS sites. Not because WordPress is insecure, but because people run outdated plugins on shared hosting without a firewall.
A security incident typically costs NOK 20,000-50,000 in cleanup. Plus lost revenue. Plus reputational damage. Plus the time it takes Google to trust your domain again after blacklisting it.
With a maintenance agreement with SLA, proactive security costs from NOK 3,000 per month. The maths is simple.
Lost SEO visibility
Google has confirmed that Core Web Vitals affect rankings. A site that takes 4 seconds to load loses traffic to competitors with sub-second load times. Every extra second increases bounce rate by 32%.
Technical debt makes your site slower over time. More plugins, more JavaScript, heavier database queries. Without active performance optimisation, performance degrades gradually.
Developer lock-in
The agency that built the site is the only agency that understands the code. Because there isn't any code to understand — it's an Elementor configuration with 40 plugins that only works on that exact server with that exact PHP version.
Want to switch agencies? Then you'll almost have to rebuild. That's not maintenance — that's a hostage situation.
Hours that burn
The developer spends two hours on a change that should take ten minutes. Because there's no documentation. Because the theme is a labyrinth of nested shortcodes. Because updating plugin A breaks plugin B which depends on plugin C.
Over three years, these hours add up. A site with high technical debt typically costs 2-4x more to maintain than one with clean architecture.
How to spot technical debt
Some signs are obvious:
- The site takes over 3 seconds to load
- You have more than 15 active plugins
- There's no staging environment
- The last plugin update was more than three months ago
- The deployment method is FTP
- The page builder is Elementor, WPBakery or Divi
- The PHP version is below 8.0
- Nobody uses version control (Git)
- Nobody knows exactly who has access to wp-admin
- You're afraid to update anything
Recognise three or more? Then you likely have a problem.
Two ways out
1. Modernise your existing WordPress
If the site has valuable content, good SEO rankings and an editorial team that knows WordPress, modernisation is often the right call.
We replace Elementor with Gutenberg and custom blocks. Remove unnecessary plugins and build lightweight alternatives with WPFluent MVC. Set up Git, CI/CD, staging and automated tests. Upgrade to FrankenPHP with managed infrastructure.
The result: same content, same URLs, same SEO visibility. But faster, more secure and cheaper to maintain.
2. Migrate to Sanity + Next.js
If the site is a pure content site without an online store or heavy WordPress-specific integrations, it's often cheaper to start fresh with Sanity CMS and Next.js.
No plugins. No PHP. No security vulnerabilities from third-party code. Response times under 100 ms. And maintenance costs that are a fraction of WordPress.
We build Sanity sites from NOK 15,000 with maintenance from NOK 2,500/month. For many businesses, this is cheaper than cleaning up a WordPress site with heavy debt.
How to avoid technical debt from the start
Three principles:
Choose the right platform. For new projects without specific WordPress requirements, we recommend Sanity + Next.js. No plugin dependencies means no technical debt from third-party code.
Demand version control and CI/CD. Regardless of platform. If the agency doesn't use Git, doesn't have a staging environment, or deploys via FTP — find another agency.
Plan for maintenance. A website without a maintenance agreement is like a car without servicing. It runs fine at first. And then suddenly it doesn't.
Not sure whether your site has technical debt? Get in touch for a no-obligation review. We'll tell you honestly what needs fixing and what can wait.
