A contractor whose website takes 4 seconds to load on mobile has already lost the lead before the first paragraph renders. Your platform choice determines whether you compete on urgency or only on price.
For home-services businesses without in-house developers, WordPress on managed hosting — Kinsta, WP Engine, Rocket.net — with an optimized block theme is a viable solution that can clear Core Web Vitals. When the goal is ranking in multiple markets and being cited by ChatGPT, Gemini, or Perplexity, Next.js with a headless CMS is the correct architecture. Initial development costs 2–4x more, but 3–5 year maintenance is typically lower: no plugins to update, a dramatically smaller attack surface. The 2025 data are clear: Patchstack logged 7,966 vulnerabilities in the WordPress ecosystem in 2024 — 34% more than 2023, 96% in plugins and themes — while Wordfence blocks 55 million exploit attempts per month. Next.js eliminates that systemic risk by design because it carries no third-party plugin ecosystem.
If Solo contractor or micro-business, budget under $4,000, needs a site live in 4 weeks
If Home-service company with 5–30 employees, no developers, targeting local SEO in 1–3 cities
If Agency or company scaling to multiple markets with programmatic content and maximum GEO/AEO performance
If Existing WordPress site that needs better performance without a full rewrite
If Business with development budget but no internal technical team for ongoing maintenance
If Agency managing a portfolio of 10–50 home-service clients
| WordPress | Next.js#1 | |
|---|---|---|
| Median LCP — mobile, no extra optimization | 3.5–4 s (standard install, no CDN or page cache) | ~1.2 s (SSG/ISR from CDN; Vercel reference benchmark) |
| Core Web Vitals pass rate — mobile | 45% of WordPress sites pass all 3 CWV (Web Almanac 2025) | Static architecture consistently beats the 48% global average |
| Hosting cost per month | $4–15 shared / $35–180 managed hosting | $0 Hobby / $20/mo Vercel Pro per developer |
| Initial development cost | $1,500–$9,000 (premium theme + setup) | $9,000–$45,000 (custom build with headless CMS) |
| Estimated annual maintenance | $1,500–$7,000 (plugins, updates, security) | $250–$900 (dependencies, periodic review) |
| Structural security | 7,966 new CVEs in 2024 (+34% vs 2023); 96% in plugins/themes | No plugin ecosystem; attack surface dramatically smaller |
| Non-technical editing | High — native Gutenberg block editor; no technical learning curve | Depends on headless CMS chosen (Sanity, TinaCMS, etc.) |
| SEO / Core Web Vitals | Achievable with Yoast/RankMath + managed hosting + optimized theme | Native: code-splitting, Image optimization, SSG/ISR — no plugins needed |
| AI citability (GEO / AEO) | Medium — requires schema.org plugins and ongoing maintenance | High — structured data generated from code; controlled semantic HTML |
| Scalability (programmatic pages) | Limited without dedicated cache plugins + CDN at additional cost | High — ISR/SSG renders thousands of static pages with no degradation |
| Recommended hosting | Kinsta, WP Engine, Rocket.net ($35–180/mo) | Vercel, Netlify, Cloudflare Pages, self-hosted |
| Time to market (basic site) | 1–3 weeks with theme + page builder | 4–12 weeks with full custom development |
| Web market share (June 2026) | 42.2% of all websites; 59.6% of CMS market (W3Techs) | React framework; no direct CMS market share figure |
| Developer satisfaction (Stack Overflow 2025) | Widely used professionally; questioned for high-performance projects | Next.js among the most adopted and admired frameworks in the React ecosystem |
| Base license | GPL-2.0 — free and open source | MIT — free and open source |
| Enterprise adoption | Dominates SMB and global media markets | 1M+ monthly active developers; clients include OpenAI and Perplexity |
| WordPress | Next.js | |
|---|---|---|
| Mobile CWV performance | 5 | 9 |
| Structural security | 4 | 9 |
| Editorial ease (non-technical) | 9 | 6 |
| AI citability / GEO | 5 | 9 |
| Programmatic scalability | 5 | 9 |
| 3-year total cost | 6 | 7 |
| Time to market | 9 | 5 |
WordPress is the world's most-used CMS, powering 42.2% of all websites globally and 59.6% of the CMS market (W3Techs, June 2026). Its core strength is operational accessibility: anyone without technical skills can publish content and manage service pages using the Gutenberg block editor, no developers required. The risk builds over time — the 60,000+ plugin ecosystem introduces a compounding security and maintenance debt. In 2024, 96% of all documented vulnerabilities came from plugins and themes, not the core (Patchstack).
Managed hosting: $35–180/mo. Premium theme: $60–250 one-time. Annual maintenance with developer: $1,500–7,000. Key premium plugin licenses (SEO, cache, security, schema): $350–900/yr.
Home-service businesses with an in-house editorial team, a budget under $10,000, and a need to go live quickly in 1–3 locations without dedicated developers.
Next.js is the most-adopted React framework for production, maintained by Vercel. In September 2025, Vercel closed a $300M Series F at a $9.3B valuation and reported 1M+ monthly active Next.js developers. Its structural advantage is performance: SSG and ISR serve pre-generated HTML from a global CDN, eliminating PHP server wait time and delivering LCP benchmarks of 1–2 s on mobile without extra configuration.
Vercel Pro: $20/mo per developer. Cloudflare Pages or Netlify: from $0. Headless CMS (Sanity): free up to generous limits, then ~$99/mo. Initial development: $9,000–$45,000.
Agencies and home-service businesses with a development budget, a goal of maximum local SEO performance, programmatic content at scale, and a need to be cited by generative AI engines.
What real users praise and criticise on G2, Capterra, Trustpilot and Reddit — with sources.
WordPress generates polarized sentiment in the technical community. Non-technical users — business owners, marketing teams, copywriters — consistently value ease of publishing and editorial independence. Senior frontend developers increasingly question the platform for projects where performance, security, and scalability are hard requirements. In 2025 community surveys, WordPress ranks as the most frequently used tool by project volume, but not among the most admired for developer satisfaction.
Next.js generates high satisfaction among developers using it in production, especially on projects where performance and architecture matter. The Stack Overflow Developer Survey 2025 confirms React and Next.js as the most professionally adopted web frameworks, with Next.js established as the standard choice for production React projects. Criticism focuses on growing framework complexity — the App Router introduced conventions that caused initial friction — Vercel deployment dependency, and costs that can scale non-linearly with traffic. On r/nextjs and r/webdev, the dominant sentiment is positive for teams with technical staff, with reservations for projects where editorial publishing speed is the primary priority.
A competitive WordPress install for a home-service business requires at least five categories of premium plugins: SEO (Yoast Premium or RankMath Pro, ~$79–$99/yr), performance/cache (WP Rocket, $59–$299/yr), security and WAF (Wordfence Premium or Solid Security Pro, $119–$199/yr), advanced schema (Schema Pro or RankMath Business, $79–$229/yr), and forms or CRM (Gravity Forms, $59–$259/yr). Annual premium plugin licenses for a serious install run $400–$1,100, on top of the time spent validating that each update does not break inter-plugin compatibility. When a plugin stops active maintenance — common in a 60,000+ extension ecosystem — the site owner must migrate to a replacement or carry an unsupported security risk.
Wordfence reports blocking 55 million exploit attempts and over 6.4 billion brute-force attacks per month across its network. A WordPress site without active security — WAF, monitoring, frequent updates — is a routine target for automated bots scanning for known plugin vulnerabilities. The recovery cost for a compromised home-service business — forensic cleanup, backup restoration, Google Search Console reputation review, ranking recovery — ranges from $900–$7,000 depending on scope and backup quality, not counting downtime or the reputational damage of customers landing on malicious content instead of your services page.
Next.js on Vercel is free on the Hobby plan with reasonable limits for small sites, but costs scale non-linearly as traffic grows. The Pro plan starts at $20/mo per developer and offers more bandwidth, serverless functions, and ISR support, but data transfer and function execution can generate $100–$500/mo bills at moderate-to-high traffic volumes. Beyond that threshold, migrating to self-hosted infrastructure — AWS, Cloudflare Pages, VPS with Docker — requires additional technical knowledge that must be planned from the start. Cloudflare Pages with Next.js support is free up to very high volumes but does not implement all Vercel features with the same fidelity.
Islands-architecture framework optimized for static editorial content with zero client-side JavaScript by default. Produces the best possible Core Web Vitals for content-heavy sites — pillars, glossaries, sector pages. Supports React, Vue, or Svelte components where interactivity is needed. Lower learning curve than Next.js for teams outside the React ecosystem. Ideal when performance is the absolute priority and client interactivity is minimal. Web Almanac 2025 shows Astro sites with CWV pass rates above the global average.
Visual editor with clean HTML output and CDN hosting included. Lets non-technical profiles design and publish without touching code, with performance notably superior to WordPress thanks to its static architecture. Predictable monthly cost of $14–$39/mo on site plans with no plugin surprises. Limited for sites requiring complex business logic, programmatic content at scale, or advanced i18n. No WooCommerce equivalent for full e-commerce.
Design and publishing tool oriented toward high-visual-impact marketing sites. Enables agency-grade animations and transitions without code, with CDN hosting and competitive performance. Plans from $10/mo for basic sites up to $50/mo for teams. Ideal for home-service landing pages that prioritize visual presentation and conversion over extensive editorial content. Limited for blogs, glossaries, or programmatic content at scale.
Every decision we make has a verifiable source behind it.
WordPress sites passed mobile Core Web Vitals at 45% in 2025, below the 48% global average, while static-architecture platforms consistently exceed that threshold.
The HTTP Archive Web Almanac 2025 analyzes real CWV performance by CMS using CrUX data. WordPress shows an improvement of ~4 percentage points versus 2024 but remains among the CMS platforms with the lowest mobile pass rate. Platforms like Duda (85%), TYPO3 (79%), and Wix (74%) far exceed the global average, demonstrating that architecture has more impact than platform popularity.
7,966 new vulnerabilities were documented in the WordPress ecosystem in 2024 — 34% more than 2023. 96% came from plugins and themes, not the core.
Patchstack published its 2025 annual WordPress security report covering 2024 data. More than 33% of reported vulnerabilities had no patch at the time of public disclosure, and 43% required no authentication to exploit — making them especially vulnerable to automated attacks at scale.
WordPress holds 42.2% global website market share (59.6% of the CMS market), with the first significant decline recorded in 2025–2026.
W3Techs recorded the first significant WordPress share drop — from 43.2% in December 2024 to 42.2% in June 2026 — the largest decline in over a decade. Growth of SaaS platforms like Wix (4.2%) and Shopify (5.1%) and rising adoption of headless frameworks partially explain the trend.
How to apply local SEO and GEO/AEO to the emergency cycle of the plumbing trade.
ExploreThe visibility layer of the Made For Builders stack: local SEO, Google Business Profile, and LLM citability.
ExploreAll home-service and construction trades we help digitize in the US market.
ExploreThe real questions we get every week about this comparison.
Thirty minutes by video or phone. No jargon. The team answers with data from your business on the table.
Talk to the teamYes, but it requires deliberate configuration that most standard installs lack. The recipe has five components: managed hosting with PHP 8.3+ and object caching (Redis or Memcached) to cut TTFB; a full-page cache plugin — WP Rocket, LiteSpeed Cache, or W3 Total Cache properly configured; a lightweight block theme without heavy page builders like Elementor or Divi (GeneratePress, Kadence, and Blocksy are the most recommended); aggressive image optimization with modern formats (WebP minimum, AVIF where hosting supports it), native lazy loading, and correct srcset sizes; and a CDN serving static assets from nodes geographically close to users. With all of that in place, many WordPress sites reach LCP below 2.5 s on mobile and pass all three CWV. Without it, the Web Almanac 2025 shows 55% of WordPress sites fail at least one of the three mobile thresholds.
It depends on team profile and publishing frequency. For businesses with non-technical staff publishing several times a week, Sanity offers the best balance: a highly customizable visual studio, a generous free plan (up to 10,000 documents and 2 projects at no cost), and an editing experience any profile can master in an afternoon. For projects where in-context editing — modifying text directly on the live site preview — is the priority, TinaCMS is the most intuitive option: editors see exactly what visitors will see. For projects where the technical team manages content infrequently, MDX files managed directly in the repository with Velite or Contentlayer eliminate the external service dependency, keep content in version control, and simplify the stack. The practical rule: if someone non-technical publishes more than once a week, use Sanity; if the technical team manages content infrequently, use MDX; if visual in-context editing is needed, use TinaCMS.
Both factors exist, but the structural one determines long-term risk. Next.js has no third-party plugin ecosystem: all functionality is built by the development team directly in the codebase under their own quality control, eliminating WordPress's primary vulnerability source. Patchstack's 2024 data are clear: 96% of the 7,966 CVEs documented in the WordPress ecosystem that year came from plugins and themes, not the core. That means a WordPress install with 15–20 active plugins automatically inherits the accumulated risk of each of those third-party projects. Next.js's lower popularity as an attack target reduces attacker motivation to develop generic exploits — bots sweeping the web look for known patterns like `/wp-login.php` or specific plugin versions — but that is a secondary argument. A badly built Next.js application can have serious vulnerabilities; the difference is that it does not inherit them automatically from plugins installed without exhaustive review.
The most common range for a US home-service company with 20–60 pages and moderate local competition is $1,800–$6,000 per year in maintenance, broken down roughly as: quality managed hosting (Kinsta Starter or WP Engine Personal): $420–$2,160/yr; premium plugin licenses needed to be competitive (SEO, cache, security, schema): $400–$1,100/yr; developer hours for updates, plugin conflict resolution, security reviews, and incremental improvements: $600–$2,500/yr; external managed backups if not included in hosting: $72–$200/yr. Agency maintenance plans in the US range from $150–$600/mo depending on scope. Over 3 years, that recurring cost frequently exceeds the initial development investment. Compared to Next.js — typical annual maintenance of $250–$900 in dependencies and periodic technical review — the total cost of ownership difference over 3–5 years often offsets or eliminates Next.js's higher upfront development cost.
Yes, directly and with documented evidence. Google uses Core Web Vitals measured from real users via CrUX as a ranking signal since May 2021, with greater relative weight in the 2022 and 2024 updates. For local emergency searches — "emergency plumber near me," "electrician 24h," "HVAC repair today" — first-page competition is high and the difference between position 1 and position 5 can represent 80% of qualified traffic. A site with LCP above 4 s on mobile not only loses positions: it also increases bounce rate. Google Search Central documents that pages loading in more than 3 seconds on mobile generate bounce rates 32% higher than pages loading in 1 second. For home emergency services, where the customer needs to call within 2 minutes of starting the search, that behavior difference translates directly into jobs won or lost.
Yes. Generative AI engines cite content based on three main criteria: technical accessibility — bots can crawl and read the HTML without robots.txt blocks; semantic structure — correct use of schema.org, hierarchical headings, direct and explicit answers to specific questions; and editorial authority — backlinks from relevant domains, content freshness, and a verifiable author with clear attribution. WordPress can meet all three with proper configuration: Yoast Premium or RankMath Pro for schema.org, clear content structure, and a robots.txt that does not block AI crawler user-agents. The specific GEO/AEO risk with WordPress is that this configuration depends on plugins that can be deactivated, updated incompatibly, or generate invalid schema.org without the site owner noticing. With Next.js, structured data is generated from code and validated at every build: it cannot disappear because of a plugin update.
It depends on current state and business objective. If the WordPress site consistently passes Core Web Vitals, ranks well locally, and the editorial team is comfortable publishing, migration has a high cost with marginal short-term benefit — it is not worth doing for technology alone. Migration makes sense when one or more of these conditions apply: the site repeatedly fails mobile CWV and the WordPress stack cannot fix it without deep theme and plugin refactoring; scaling to extensive programmatic content is needed — hundreds of city pages, service-by-neighborhood pages, technical glossary — that WordPress handles poorly without complex additional architecture; multi-market expansion with robust i18n and maximum performance control is the goal; or the current WordPress maintenance cost — plugins, security, hosting, developer hours — exceeds $3,500/yr with an upward trend. The middle path is WordPress headless: keep the familiar Gutenberg editor for the editorial team and add Next.js as the presentation layer via WPGraphQL or the WordPress REST API. It is more complex to maintain than either alone, but allows a gradual migration without losing the established editorial workflow.
For an agency with volume — more than 10 active clients in the same sector — Next.js with a reusable template architecture and shared headless CMS has a clear structural advantage: the marginal cost of each new client decreases because the design system, components, content types, and deployment infrastructure are reused. WordPress can be competitive for isolated projects where delivery speed is the priority and the client has no advanced performance requirements, but in a portfolio of 20–50 clients the plugin maintenance debt multiplies almost linearly: updating and validating 15–20 plugins per site across 30 clients means potentially 450–600 updates to review each month. For small clients with very tight budgets and no performance demands, Webflow as a managed platform eliminates maintenance debt with a predictable monthly cost.
This comparison covers WordPress.org — the open-source, self-hosted software you download, install on your own hosting, and maintain yourself. WordPress.com is a commercial SaaS product from Automattic that hosts WordPress for you with managed plans ranging from free (with ads and a subdomain) to $45/mo (Business, with plugin access). The performance and security data cited here — Patchstack CVEs, Wordfence exploit statistics, HTTP Archive CWV pass rates — apply to self-hosted WordPress.org installs, which represent the vast majority of the 42.2% web market share. WordPress.com's managed tiers handle updates and security differently, but restrict plugin access on lower plans, limiting the full performance optimization stack described in this comparison.
AI-assisted local searches in the US — Google AI Overviews, ChatGPT with search enabled, Perplexity — prioritize content meeting four technical conditions simultaneously: crawlability (robots.txt with no blocks for AI bots, server response time under 500 ms); correct semantic structure (schema.org LocalBusiness, Service, FAQPage, and HowTo implemented and validated); content with direct answers (explicit questions answered in the first lines of a paragraph, verifiable figures with cited sources); and demonstrable local authority (local directory mentions, optimized Google Business Profile, backlinks from local media). WordPress can meet all four with correct plugin and content configuration; Next.js meets them more reliably because structured data is generated from code and cannot disappear because of an update.
We tell you if AI cites you today, why not, and the three things to move first. With your business data on the table. Document in 24h.
Book your audit