Home » Blog » Digital publishing » Headless hype – is it the right CMS type for publishers?
Share on

Headless hype – is it the right CMS type for publishers?

Corey Brown Corey Brown
Food, Fruit, Plant

As digital publishing organisations evolve, their online presence and the way they deliver content also evolves. In recent years, ‘headless’ has become a popular buzzword in the digital world. However, deciding whether to build a headless CMS or stick with a traditional CMS isn’t so straightforward. The additional costs and resources required to develop a headless architecture may not be worthwhile for your specific requirements. Let’s dive in to find out what works for publishers…

What’s so good about headless anyway?

Before we delve into the decision-making process, it’s important to understand what a headless CMS is and how it is differentiated from your standard CMS. 

A headless CMS is a content management system that is decoupled from the front-end. In a traditional CMS, the front-end and back-end are tightly coupled, which means that the CMS controls both the content management and the presentation layer. With headless, the back-end is responsible for content management only, while the front-end is built separately and consumes the content via an API. This means that you can design and develop the front-end according to your specific needs, without any restrictions.

What this gives publishers running their site on a headless CMS is a new level of flexibility. With a headless setup, you can store your content in a centralised location and use it across multiple platforms, such as web, mobile, and smartwatches, through APIs. This allows you to create a seamless user experience across all devices; potentially a huge advantage for large digital publishers. 

With a headless setup, you can store your content in a centralised location and use it across multiple platforms, such as web, mobile, and smartwatches, through APIs. This allows you to create a seamless user experience across all devices.

Content authors and editors can manage content using a web-based interface that is separate from the front-end, creating user experiences across these different devices that are not limited by the CMS’s built-in functionality. This interface is usually just the CMS itself, providing editors with a user-friendly interface for managing and producing content, including creating, editing, and publishing articles, pages, and other types of content. Once content is published, it can be accessed and displayed on the front-end application via the API.

Headless CMS diagram vs traditional CMS

What to consider before choosing a headless CMS

While the benefits of headless CMS are compelling, it’s important to consider a few factors before deciding to go with it. Here are some of the more important ones to consider:

Content strategy 

The first thing to consider is the type of content your company publishes. If you have a complex content strategy that involves a lot of multimedia content, such as videos, images, and audio files – which is probably the case if you’re a large digital publisher – a headless CMS might indeed be the way to go. On the other hand, if your content is mostly text-based, a traditional CMS could suffice.

Team expertise 

Building a headless CMS requires specialised skills, such as API development and front-end development. If your team does not have these skills, it may be difficult to build and maintain a headless CMS in-house. In such a case, it may be more beneficial to stick with a traditional CMS that your team is already familiar with.

Development time 

Building and maintaining a headless CMS requires more time and resources than you’d need for a traditional CMS. If you have tight deadlines and need to launch your website or app quickly, and can foresee that developer capacity may be a problem in the future, a traditional architecture may be the better option.


It’s important to carefully consider the costs involved. Building a headless CMS will almost surely be more expensive than building a traditional CMS, especially if you need to hire specialised developers. If you have a limited budget, the bells and whistles of a headless setup may be overkill, and a traditional CMS could be a sufficient and cost-effective option. 

What about security?

Certainly, security is a critical factor to consider when choosing whether to go ahead with building a headless CMS. It’s essential to conduct a thorough security assessment and involve security experts in the development process to ensure that the CMS is secure and compliant with industry regulations. There are a few areas you’ll want to be mindful of:


With a headless CMS, your content is exposed through APIs, which means you need to ensure that the APIs are secure. If the APIs are not properly secured, hackers can potentially gain access to sensitive information, such as user data or credentials.


A headless CMS requires a secure hosting environment to ensure the safety of your data. You need to ensure that the hosting environment is properly secured, with measures such as firewalls, intrusion detection systems, and regular security audits. Solutions like Altis Cloud for WordPress provide robust cloud-native platforms.

Authentication and authorisation

With a headless CMS, authentication and authorisation are typically handled by the front-end application. This means that you need to ensure that the front-end application is properly secured, with features such as two-factor authentication, password policies, and user roles and permissions.

Code security

The code used to build a headless CMS must be secure and free from vulnerabilities. This means that you need to follow secure coding practices and conduct regular security audits and penetration testing.


If your organisation is subject to regulatory compliance requirements, such as GDPR or HIPAA, you need to ensure that the headless CMS is compliant with these regulations. This includes features such as data encryption, data retention policies, and user data access and deletion.

Can WordPress do this fancy headless stuff?

You betcha. By enabling the WordPress REST API, you can bring these benefits to the world’s most popular CMS. WordPress is a great starting point for building a headless architecture because it provides a strong foundation for managing content. This makes it easy to maintain a consistent content strategy across different channels, such as mobile apps and websites, especially for enterprise publishers managing large volumes of content and traffic. Additionally, WordPress has a large ecosystem of plugins, which makes it easy to create custom experiences for different platforms. This isn’t to mention the huge community of developers and users available to support the development of a headless site.

Your WordPress experts are here

Ready to power your website with enterprise-grade performance?

Let's talk