WordPress vs. DNN — Content Management System Comparison

Is DNN or WordPress the right CMS for your company?

DNN (previously known as DotNetNuke) is an enterprise-level open source CMS that is secure, reliable, and easy to use. WordPress is a popular platform that has gained significant market share in recent years, being used by roughly one-third of all websites.

Both platforms have their pros and cons, but which solution is right for your organization? We will break down every aspect, including site speed, security, and theme options.

In the end, there are many factors you will need to consider. Choosing the right one is crucial for having a successful website. But you won’t have to go at it alone. We are happy to provide a free consultation at any time to help you make the best choice.

Get a Free Consultation

Our Approach with this CMS Comparison

Weighing the pros and cons of competitive Content Management Systems can be difficult, even for freely available, open-source software. Proponents of either camp can dig in their heels and things can devolve from reasoned conversations to borderline religious arguments.

Just like Linux vs. Windows, C# vs. PHP, or coffee vs. tea, there’s often no clear-cut, black-and-white answer.

You may have arrived at this post to satisfy an informational need or to decide which CMS to use. Our approach is not to declare an absolute winner.  To be candid, the best choice depends on your unique project needs.  With that in mind, we aim to provide deep, yet balanced, information to help you make an informed decision.

Our team has worked on hundreds of DNN and WordPress sites. The perspectives shared in this post are based on our hands-on experiences working with both systems as well as third-party research.

High-Level DNN vs. WordPress Comparison

While DNN and WordPress share similarities, the technology stacks and programming languages they use are quite different. If your decision on CMS software is dependent on the underlying technology, then the decision is straightforward.

Here are scenarios where your decision is dictated on the underlying technology (e.g. Windows/.NET vs. LAMP [Linux, Apache, MySQL and PHP]):

• You’ve standardized your infrastructure on an existing platform.
• Your internal IT guidelines or mandates require it.
• Your resources (developers, administrators, etc.) are specifically trained to support the platform.
• Your ecosystem (suppliers, partners, re-sellers, etc.) has it required.

If your decision is independent of the technology stack, then read on.  We’ll take you through some application-level comparisons.

WordPress: Popularity Makes it a Common Target

Sometimes being the most popular CMS has its disadvantages.  Site security is one of them.

With WordPress handling about one-third of all websites, it is the most targeted by malicious hackers and spammers.

The most common entry point for hackers is to find exploits in popular third-party plugins. If an exploit can be used to gain unauthorized entry to a site, hackers can scan websites to see if they’re running WordPress.

From there, they can attempt to leverage the exploit. If the site is running a version of the plugin containing the vulnerability, it (i.e., the site) can be hacked.

A similar exposure exists for DNN, since it has an ecosystem of third-party modules and themes. In the past few years, DNN websites have been hacked via vulnerabilities in third-party DNN modules.

However, there are fewer modules in existence and far fewer sites running DNN. As a result, hackers spend most of their time against the No. 1 target: WordPress.

WordPress being the largest target for hackers and malicious bots, it is more a question of when, not if, the website will be compromised. You don't need to have a popular website to be a target. Hackers will crawl and scan the web for sites with known security flaws to exploit. Keeping your CMS version and plugins up to date in WordPress will go a long way in helping you stay protected.

The 10,000-foot view of the DNN and WordPress CMS options

Comparison by Capability

When comparing Content Management Systems, there's a nearly endless set of criteria to evaluate: performance, SEO, ecosystem, editing, taxonomy, extensibility, etc. In this post, we'll compare three of the capabilities most commonly asked about by our customers:

• Permissions
• Security
• Themes & Administration

DNN vs. WordPress: Permissions

DNN and WordPress ship with a set of built-in user roles. The CMS utilizes user roles to apply permissions to a group of users (i.e., all users assigned to a user role).

Both DNN and WordPress have default permissions settings that determine actions enabled or disabled by each user role. The built-in user roles are:

Permissions in DNN

In DNN, granular permissions and custom user roles are supported in the core CMS; those features are not part of the WordPress core.  Instead, they’re provided by third party plugins.

In DNN, permissions can be applied at many levels: site, folder and page, as well as individual modules on individual pages.

For DNN, the advantages of having granular permissions supported in the core:

• Ability to view the source code
• No dependency on third party vendors
• Consistent administration vs. learning to use different plugins

The DNN Documentation Center is a website with documentation on the DNN CMS. View these pages for more information on user roles and permissions management:

• How to create a custom user role
• How to assign users to a role
• How to configure page permissions: proceed to Step 4 on this guide to creating a page.

Permissions in WordPress

WordPress has a similar structure to managing permissions. However, features such as granular permissions and custom user roles are not part of the WordPress core. Instead, third party plugins must be downloaded to provide these capabilities.

The default user permissions in WordPress are generally not enough for larger organizations that require more specific use cases.  If you need to give a user permissions to only edit a certain page or section (instead of the entire site), you will need to download and install a plugin.  There are several to choose from.

Try these plugins to provide extended permissions and user role capabilities:

• Members by Justin Tadlock
• User Role Editor by Vladimir Garagulya
• Advanced Access Manager by Vasyl Martyniuk
• WPFront User Role Editor by Syam Mohan

As with all third party software, we recommend you evaluate the plugins’ reviews, number of active installations, and last update date. Get suggestions from colleagues, partners or peers with first-hand experience using particular plugins.  Every plugin you install on your website can come with its own security vulnerabilities and impact other plugins on your site.  So make sure to have a back-up ready to go before the installation. 

DNN vs. WordPress: Permissions (Conclusion)

If you have a relatively simple site with a small number of users and user roles, both DNN and WordPress work well.

For complex sites with 20+ users actively managing content, with custom user roles and the need to manage granular permissions across folders, pages and modules/plugins, we prefer DNN, since all of the needed capabilities are built into the core CMS.

To manage permissions on a specific module on a page, you edit the module properties and set permissions accordingly. This is done the same way for any module in use. On a WordPress site, permissions are set in the plugin administration menus and can vary widely from plugin to plugin.

Want Dedicated Hosting? If you’re looking for a server custom-configured to your website needs, we offer dedicated hosting that features all the resources you need without sharing a server. Get the experience of quality hosting professionals while having the privacy of a custom, dedicated server. Contact Us

A comparison of security between software systems can be qualitative rather than quantitative: anecdotal experience and opinion factor into the equation to a large degree. That's no different in comparing the security of DNN vs. WordPress.  In many cases, it is less the platform itself and more how it was set up by your web development company.

In this section, we'll defer on recommending one CMS over the other on the basis of security; instead, we’ll point out a few things for you to take into consideration.

WordPress: Popularity Makes it a Common Target

Sometimes being the most popular CMS has its disadvantages.  Site security is one of them.

With WordPress handling over 1/3 of all websites, it is the most targeted by malicious hackers and spammers.

The most common entry point for malicious hackers is to find exploits in popular third party plugins. If an exploit can be used to gain unauthorized entry to a site, hackers can scan websites to see if they’re running WordPress.

From there, they can attempt to leverage the exploit. If the site is running a version of the plugin containing the vulnerability, it (i.e., the site) can be hacked.

A similar exposure exists for DNN, since it has an ecosystem of third party modules and themes. In the past few years, DNN websites have been hacked via vulnerabilities in third party DNN modules.

However, there are fewer modules in existence and far fewer sites running DNN. As a result, hackers spend most of their time against the number one target: WordPress.

WordPress being the largest target for hackers and malicious bots, it is more a question of when, not if, the website will be compromised. You don't need to have a popular website to be a target. Hackers will crawl and scan the web for sites with known security flaws to exploit. Keeping your CMS version and plugins up to date in WordPress will go a long way in helping you stay protected.

Security in the Core CMS

In addition to third party plugins and modules, another entry point for hackers is the core CMS itself. Security vulnerabilities have been discovered in the core platforms for both DNN and WordPress.

David Poindexter is CEO of nvisionative. David and team build sites primarily on DNN, but have executed many client projects using WordPress as well. Recently, David wrote about a security issue in the WordPress core.

David notes that via the REST API, “an out-of-box implementation of WordPress 4.7 will expose a list of all USERS via anonymous access, including each user’s name, username, Gravatar link and other associated metadata.”

David continues, “This information can be exposed to and enumerated by both humans and BOTs to harvest sensitive information. With this information in hand, brute-force attacks can be made against the website to gain unauthorized access.”

While some may call this issue a security vulnerability, the official response from the WordPress team is that it’s the expected behavior. In a thread on the WP-API GitHub page, a member of the WordPress API team writes:

"Usernames are already exposed through themes, RSS feeds, etc, and we do not consider them a security issue. You can install a third-party plugin if you would like to limit access to this data."

We don’t agree with this approach to web security; while we wouldn’t block a client’s choice to use WordPress on the basis of this API “opening,” we would advise clients to use whatever means necessary to limit access to their sites’ user data.

DNN Sample Sites Want to see for yourself? Check out some of the DNN sites that we’ve designed and created. We’ve been building DNN sites for over 15 years, and we continue to push the creative limitations of this pliable content management system. View Our Examples

DNN vs. WordPress: Themes & Administration

DNN and WordPress take vastly different approaches with their themes:

• In DNN, themes focus on styling and visual appearance, with little to no functionality. Features are handled by the CMS core, or in custom and third party modules.
• In WordPress, themes handle styling and visual appearance, but have a lot of associated functionality built in.

In a DNN Theme

In DNN, a theme (formerly called a “skin”) consists of:

• One or more layout templates (HTML or ASCX)
• A style sheet (CSS) for each of the layout templates [optional]
• A master style sheet (CSS) for all the layout templates [optional]

In a WordPress Theme

In WordPress, a theme consists of two files (at a minimum): style.css and index.php. These files reside in the Theme directory. That directory may contain related template files, which handle the header, sidebar, footer, content, categories, archives, search, error and more.

Here at Foremost Media, we manage client sites via the core elements of the DNN CMS, along with a selected set of third party modules. Some of our most commonly used modules are:

• DMX 
• EasyDNNgallery
• Ventrian News Articles
• 2sxc Editor

In WordPress, a lot of content management and functionality is built into the theme. For example, one popular WordPress theme includes these capabilities:

• In-line Editing
• Draggable Widths
• Customizable UI
• Instant Content
• Responsive Editing

Management of DNN sites involves capabilities of the core CMS, along with a defined set of third party modules. Management of WordPress sites, on the other hand, is intimately tied to the selected themes.

The Challenge

With 10,000+ themes available in WordPress, there’s a lot of variety in how sites are managed.

Most DNN theme developers incorporate functionality by releasing an accompanying module.  The module itself is what will provide additional functionality, making it easier to edit and manage DNN sites across the ecosystem, regardless of who the original developers were.

Aaron Jach, a project manager on the Foremost Media team, has experience developing and managing sites on both DNN and WordPress. When Aaron inherits the management of a new site, he prefers DNN sites, since the structure and conventions are more deterministic.

According to Aaron, “I prefer the structure of DNN sites since I know precisely where to go to look for something or modify it. With WordPress, depending on who built it originally, it can take a lot longer to figure out what’s going on and where things are. I need to understand the capabilities of the site’s WordPress theme and get up to speed on how to use it.”

One benefit of WordPress, according to Aaron, is that it’s easier for non-technical users to apply a theme to a site themselves.  But this also adds to issues of many different types of implementations across the ecosystem.

DNN vs. WordPress: Themes & Administration (Conclusion)

The Foremost Media team prefers the separation of styling and functionality that DNN provides. By keeping the styling in themes and the functionality in modules, it’s easier for our team to manage and administer DNN sites.

With WordPress, there are over 10,000 themes to choose from. On the one hand, having so much choice is a benefit. On the other hand, it can be time-consuming to find a theme that offers the features you need and is free of bugs and security vulnerabilities.

The majority of themes available in the WordPress ecosystem are not vetted by third party developers or security professionals. Before making a final decision on a WordPress theme, we recommend that you talk to peers (i.e., who have hands-on experience with that theme) or consult with a professional web design agency.

DNN vs. WordPress: Site Speed

A study in 2019 ran by Brain Dean from Backlinko uncovered some surprising insights into which major CMS is the fastest. By analyzing 5.2 million desktop and mobile pages for Time To First Byte (TTFB), they found that DNN performed near the top, while WordPress was near the bottom. With DNN ranking in the top 5 for both mobile and desktop.

Site speed is an increasingly important factor in both SEO and the overall user experience. While other factors should contribute to your overall selection, this finding should be weighted heavily in choosing the best CMS for your project.

DNN vs. WordPress: Conclusion

There’s not a single CMS that’s the right fit for every scenario. The work we’ve done at Foremost Media has been with DNN and WordPress. Both CMS’ are quite good and we know that there are lots of other great options out there.

If you’re looking to choose between DNN and WordPress, we hope this post gave you useful insights to help with your decision.

With a team of DNN and WordPress experts, we’re happy to help. If you have questions on the right CMS for your project, or if you want to learn more about the services we provide, fill out this contact form and a Foremost Media team member will be in touch shortly.

Explore Further: Comprehensive Insights on DNN