I want to start a little website, for my ideas and other stuff but I can't convince myself to use WordPress and I'm kind of lazy to code my website because I'm afraid of security problems... Do you have any advice to make a choice ?

@Letmecode why ?

@Letmecode it depends how you set WordPress up and how well you maintain it

@apisarenco I would add that to avoid a rainbow attack you should implement and use SALT values before and after the password before it's hashed.

EG:
$password = bcrypt('rjsktn836!4' . $userSubmittedPassword . 'hrjek847!');

Where rjsktn836!4 and hrjek847! are salt values. It helps protect against someone matching the hash value to a dictionary of hashed values.

@Letmecode I admit it has its faults but it is continuously updated and improved upon due to its mass use. I agree that there should be a code review team before plugins are available on the open repos but that is a pipe dream that I hope comes true but I fear it won't.

@apisarenco You either use what is there or you build something that is better. The only problem is that new system then gets popular and more heavily utilised and then sooner or later it will be plagued with similar issues. Open source is great, but when you have thousands of developers maintaining the core and possibly the same number writing plugins then you are asking for problems. At the very least we feel WordPress should have a code review process for themes and plugins. They have best practice documentation on developing themes and plugins but nothing to check this before a project is approved - it's mad!

@Orionss, you could look into GitHub Pages (https://pages.github.com) and a static site generator like Jekyll (https://jekyllrb.com).

It's free and you don't have to worry as much about security.

If you want/need a back-end, consider a "serverless" architecture (i.e. using AWS Lambda functions to act as your back-end).

@cGF0 Thanks for the infos but I need a real backend !

@Orionss That's what she said! ;-)