I've been using blog tools as CMS for years. So I say go for it, it works fine for me.

Especially of interest is WP2's static page support. But even without that, I've removed the blog-ish bits from the templates (like post date and pingback stuff) for a long time to use WP and other tools as CMS.

The only downsides I can see are:
1) even if you disable comments and trackbacks, you'll attract a lot of comment spam. Removing it from the templates stops it from being displayed, but not from being submitted.
2) If you aren't alert to RSS, you may wind up sending feeds to aggregators before you're ready. WP by default will ping pingomatic every time you post. It's not obvious that you should shut that off while you build your site up.
3) stay alert to vlunerabilities. But that goes for any popular software really. It's just that if you aren't using xml-rpc (for example) you probably won't think about it a lot. I just remove the thing from my WP installs.

I have also heard and also read an article somewhere where someone was using wordpress as a cms.

Do a google and hopefully you will find one.

WP is a fine CMS. You can use write "Pages" instead of posts, create parent/child page relationships, create static-looking URLs. If I was using it for CMS-only purposes, like linear, I'd probably hack some of the blog stuff completely out of the code/templates.

<<...I'd probably hack some of the blog stuff completely out of the code/templates>>

Are you referring to trackbacks, pingbacks, comments, etc...?

Yes, I'd remove that stuff unless you want to make the site interactive, in which case WP has what you need built-in and ready to go.

Most of that stuff constitutes allowing anonymous/semi-anonymous users to put content on your pages though. If you're not prepared to manage the spam onslaught, pull every mechanism for anyone other than yourself to update a page.

Added: just reread your previous post, rogerd. We're in agreement. My main point is: if you want the comments, go in armed with a strategy to manage the spam. There are plugins that help, but there really isn't a set-and-forget anti-spam feature in any tool I know of.

It can, but I'd suggest at least trying Joomla. For me Joomla was an easier install than WP and I'm finding online help for Joomla to be plentiful and of high quality.

As far as usage goes, the learning curve is a little bit steeper, but I find that to be a good thing.

Joomla has SEO options as well like static URLs and control over page title etc.

Joomla has much more power and flexibility, but I'd find it difficult to beat WP for ease of installation and configuration. WP's "5 minute install" has worked for me every time. (Well, once I had some FTP corruption, but I won't blame the software for that.)

WP does SE-friendly URLs with the "page slug" feature, though it doesn't offer custom titles as a standard function.

>> It's just that if you aren't using xml-rpc (for example) you probably won't think about it a lot. I just remove the thing from my WP installs.

Slightly OT, but what does the xml-rpc do and what happens if I don't need it and delete it? Nothing?

In the context of Wordpress, xml-rpc,php implements the blogger API and a couple other APIs that allow you to post from Windows clients like w.bloggar or other blogging clients aimed at making it easier to post.

If you don't use that sort of tool, removing xml-rpc.php reduces the attack surface of WP. Look at it as a programmable way to post. There have been some worms targeting vulnerabilities in xml-rpc (although not necessarily in WP's implementation).

We should do a "locking down Wordpress" thread.

>>We should do a "locking down Wordpress" thread

Great idea, linear, and thanks for volunteering to kick it off! ;)

Wow thank you so very much, you guys come through for me every time I need help! :-)