Jamstack explained: faster, safer, more flexible websites

Jamstack is one of those terms that sounds like marketing jargon but actually describes something genuinely useful. I've been building Jamstack sites for about a year now, and the difference in performance and reliability compared to traditional setups is hard to overstate.

What Jamstack actually means

Jamstack stands for JavaScript, APIs, and Markup. The core idea is simple: instead of generating pages on a server every time someone visits your site, you pre-build the entire site as static HTML files and serve them from a content delivery network (CDN). Any dynamic functionality, forms, search, e-commerce, user accounts, is handled by APIs and JavaScript on the client side.

This is different from how a traditional WordPress or Drupal site works. With those, every page request triggers a chain of events: the web server receives the request, PHP runs, the database gets queried, a template is rendered, and HTML is sent back. That entire process happens for every single visitor, on every single page load.

With Jamstack, the HTML already exists. The CDN just serves the file. Done.

Why it's faster

A CDN has servers all over the world. When someone in London visits your site, they get the page from a London server. Someone in New York gets it from a US server. There's no round trip to a single origin server, no database query, no PHP execution. The page loads in milliseconds rather than seconds.

I recently rebuilt a client's marketing site from WordPress to a Jamstack setup using Next.js and Sanity CMS. The old WordPress site had a Time to First Byte (TTFB) of around 800ms. The Jamstack version? Under 50ms. Page load times went from 3-4 seconds to under a second. The client noticed immediately.

Why it's more secure

Traditional CMS platforms have a massive attack surface. WordPress alone has had thousands of security vulnerabilities over the years, in core, in plugins, in themes. Every PHP file, every database connection, every admin panel login is a potential entry point.

A Jamstack site served from a CDN has almost none of that. There's no server-side runtime to exploit, no database to inject into, no admin panel to brute-force. The CMS sits behind an API, often hosted by the CMS provider themselves (Sanity, Contentful, etc.), with their own security team handling it.

The tools I use

For the front-end framework, I've been using Next.js and Eleventy, depending on the project. Next.js is React-based and excellent for sites that need some dynamic behaviour. Eleventy is simpler and generates pure static HTML, brilliant for marketing sites and blogs.

For the CMS, Sanity has become my go-to. The content modelling is flexible, the editing experience is good, and their hosted plan handles all the infrastructure. Clients log in, edit content, and the site rebuilds automatically.

For hosting, Vercel (made by the Next.js team) and Netlify both offer excellent free tiers. Deploy from Git, automatic HTTPS, global CDN, preview deployments for every branch, it's a remarkable amount of infrastructure for free.

The trade-offs

Jamstack isn't right for everything. Highly dynamic sites, ones where content changes constantly or is personalised per user, can be awkward. Build times can become an issue on very large sites (thousands of pages). And the developer ecosystem, while growing rapidly, is still smaller than what you'd find with WordPress.

For marketing sites, blogs, documentation sites, and small to medium e-commerce? Jamstack is excellent. The performance, security, and developer experience are genuinely better.

If you're curious about whether a Jamstack approach would work for your project, I'd be happy to talk it through. Reach me at [email protected].