We're talking about blogging here, not business-critical website infrastructure. If my blog went down I wouldn't lose a sleepless night over it. I'd figure it out later.
If I were choosing a CMS or tech stack for a critical piece of infrastructure my requirements would be different and I might find some other tool.
Also, if all these were so much concern, I doubt so much of the web would run on Wordpress. Yes, you need to keep your install and plugins up to date. But you need to keep your toolchain up to date no matter what you use. Risk of breakage on update is a thing everywhere, not just Wordpress. I'm by no means a Wordpress fan, but it really is not as bad as it's painted.
> If my blog went down I wouldn't lose a sleepless night over it. I'd figure it out later.
And if your blog was serving malware, or really nasty porn, or taking part in a DDoS?
> Also, if all these were so much concern, I doubt so much of the web would run on Wordpress.
What is it that gives you that kind of faith in the industry's decision-making processes?
> Also, if all these were so much concern, I doubt so much of the web would run on Wordpress.
I used to run a company that all we did was WordPress, Joomla, and Drupal maintenance, performance optimization, and hack recovery. It very much was and mostly continues to be that bad.
> Risk of breakage on update is a thing everywhere, not just Wordpress.
Ya the issue with server-side rendering is that your live environment is made up of dozens to hundreds of different software stacked on top of each other and they all pretty much need to work perfectly to actually work and/or not be vulnerable. And if you use something standard like cPanel to manage your environment, add another 1000 layers of complexity to the stack.
And let's not even go into all the work it takes to have that environment have decent performance and run on reasonably priced hardware.
Whereas my concerns for my SSG live environments basically amount to, is the host publicly accessible? To be vulnerable you would need to do something very stupid like set file permissions to 777 or something.