The internet as we know it wouldn’t be possible without dynamic, database driven websites. They are impressive feats of software engineering made possible by the collaboration of millions of highly skilled developers. But their power and complexity require maintenance, vigilance, and coordination of a variety of technologies if they are not to get hacked or end up a white screen with nothing but an inscrutable error message (or both).
Dynamic sites can accept user input in various ways, mostly through forms. This necessarily opens up points of entry into the website’s inner workings, and these points are targeted by hackers, incessanty, looking for a foothold to gain illicit access. More accurately, they are targeted by hackers’ scripts, which is all the more concerning because scripts don’t sleep and probably have even less compunction than their writers. These “bad” scripts try to outsmart the “good” scripts that run the site, which is why the “good” scripts have to be carefully maintained. Applying updates to your site allows this maintenance to happen.
Dynamic sites, even if their security vulnerabilities are fully “patched,” require a database, scripting language, and server that coordinates the two. This is often referred to as a “stack” of web technolgies. The components of those stacks are susceptible to security vulnerabilities, and, like the software that makes up your site, have to be maintained and updated.
Moving a dynamic site to another server is not terribly difficult for someone who knows what they are doing, but it is much more difficult than moving a static site, which is nothing more than a bundle of files. And when a dynamic site is moved, there could be incompatibilities with the new server. This is not a problem with static sites, which can be easily and quickly moved around and hosted virtually anywhere, on a traditional server or even directly in so-called S3 “buckets” popularized by Amazon.
Dynamic sites are great if you need to process complex data or interact with visitors in sophisticated ways. If you don’t, you’re much better off with a static site.