WordPress Webmaster - Tech and Development

The Saga Continues

WordPress

WordPress was borne of initial idea seeding via B2 (Cafelog) in 2001, which was launched by Michael Valdrighi. In 2003, cofounders Matt Mullenweg and Mike Little forked B2 and created WordPress, an Open Source blogging and now content management system estimated to power the largest number of websites of any individual product (20%). Through the largest thriving community of any website management system, WordPress has grown to include theme designers, plugin developers, webmasters and site developers. With the power of participants, WP now can power anything from small individual blogs to large multi-user social communities to business websites. Core contributing developers include Ryan Boren, Mark Jaquith, Matt Mullenweg, Andrew Ozz, Peter Westwood and Andrew Nacin. WordPress has just recently celebrated its 10 year anniversary.

WPCommunity

WPCommunity.com was started as an extension of Web Developer Tom Ford who found WordPress in the early days looking for a solution to power a group of large websites that had outgrown their flat HTML infrastructure. Needing more features, WordPress was chosen based on another user who was kind enough to put together a comparison chart of several platforms, with detailed information. The way this individual was able to present this side by side comparison using WordPress ultimately led to giving it a shot...which led to massive experimentation to the different things it could do. The heavy and growing demand for assistance led to offering such, bringing us to today. Tom Ford has contributed to various other development agencies including TC Websites, WPMU.org and WPML. (as well as solving countless technical issues and working through many full website builds).

Photo Credit: IntangibleArts

MAY 6, 2016
WORDPRESS 4.5.2 SECURITY RELEASE  WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.5.1 and earlier are affected by a SOME vulnerability through Plupload, the third-party library WordPress uses for uploading files. WordPress versions 4.2 through 4.5.1 are vulnerable to reflected XSS […]
  • RECENT WORDPRESS NEWS ON THE WEB
      • MAY 27, 2016
        WPTAVERN: JETPACK 4.0.3 PATCHES A CRITICAL XSS VULNERABILITY

        jetpack-logo

        Jetpack 4.0.3 is a security release that contains an important fix for a critical vulnerability that has been present in the plugin since version 2.0, released in 2012. According to Jetpack team member Sam Hotchkiss, a stored XSS vulnerability was found in the way that some Jetpack shortcodes are processed, which allows an attacker to insert JavaScript into comments to hijack a visitor’s browser.

        This particular bug is similar to one recently found and patched in bbPress.

        “Similar issues may exist in other plugins, and it’s a good reminder about the power of regular expressions to create issues when parsing data,” Hotchkiss said.

        The Jetpack team has been working with the WordPress security team to push out point releases for all vulnerable branches of the plugin’s codebase, which includes all versions following 2.0. They are using WordPress’ core automatic update system, so all sites that have not explicitly opted out will receive the security update.

        “Fortunately, we have no evidence of this being used in the wild,” Hotchkiss said. “However, now that this update is public, it’s just a matter of time before someone attempts to exploit it.” The Jetpack team is advising users to update as soon as possible, as the update also fixes any potential exploits that may have already been put in place.

        The team credits Marc-Alexandre Montpas from Sucuri for finding the bug and disclosing it responsibly. Users will be notified about the security release via email, but those who have Akismet and/or VaultPress installed have already been protected since the first reporting of the vulnerability.

        MAY 26, 2016
        POST STATUS: GROWING A LIFESTYLE BUSINESS WITHOUT LOSING THE LIFESTYLE

        Editor’s Note: This is a guest post by Nate Wright. Nate is a WordPress developer and solopreneur. He runs Theme of The Crop, a niche WordPress theme company geared toward restaurant websites. You can learn more about Nate on his Post Status profile and follow him on Twitter.


        Here’s a scenario you’re probably familiar with: a friend or family member, not terribly tech-savvy, approaches you with an idea. Why don’t you build Facebook for clowns? What about Uber for sandwiches?

        Their ideas are often a little better than these. Sometimes they’re worse. But in my case the conversation always gets to the same point in the end.

        You can build stuff on the internet. Why aren’t you shooting for the stars? Don’t you want to be rich like Zuckerberg?

        Right now some of you may be thinking: yes I do! This post isn’t for you.

        This is for those of you who cringe at the thought of your days filling up with hiring and training staff, conducting meetings, or filling out paperwork. Those of you who don’t want to live the big siloed life of a CEO. Who dove into the WordPress market because you wanted to build things yourself. For yourself.

        The rockstars and the rest of us

        It’s hard to find someone more widely admired among WordPress developers — and more deserving of that admiration — than Pippin Williamson. So when he described his evolution from staunch go-it-aloner to team leader, many of us sat up and listened.

        The comments in response to that post exhibit a common mix of anxiety, frustration and hope for us go-it-aloners, who have carved out small (and not so small) niches in the WordPress world.

        We’re overstretched and under resourced. We lack good marketing strategies. And we can see that growth will come from transforming our businesses into larger enterprises.

        But then we start thinking about what that means. The hiring. The firing. The training. The meetings. The paperwork. The liability.

        ‘I don’t want to be the next Zuckerberg,’ you may think. Then, hopefully, you’ll laugh at the absurdity. But really, you may think, ‘I don’t even want to be the next Carl Hancock or Joost de Valk.’

        Let me be honest with you. I’ll stop putting words in your mouth and put them in mine.

        I have a lifestyle business. No, I don’t sell lifestyle products. I have a business tailored to my lifestyle.

        I have a business that allows to me to take lunch when I want, finish the day when I want, go on holiday when I want, write the code that I want. That’s my job perk. That’s my killer bonus. No, that’s my Shangri-La.

        When people tell you to hire early or scale quickly, they’re right that giving up control can be liberating. But it can also be encumbering. It brings new responsibilities at the same time that it releases you from old ones.

        Whether or not growing your team is right for you will depend on your temperament, your appetite and the kind of lifestyle you want.

        Being a little fish in a big pond

        But let’s be honest. You took a chance on the WordPress market because you saw a window of opportunity. That window may be closing.

        In the last few years we’ve seen a lot of consolidation. The theme market exploded, made millions for a few, and then caused a gold rush which saturated the market and pushed out small operators.

        At the same time, two big traditional distribution channels dried up: the official WordPress.org theme repository, which has a huge backlog of themes awaiting approval, and Automattic’s marketplace, which is closed to new entrants.

        We’re also seeing more traditional investment in WordPress properties. The big one is the $160 million raised by Automattic and Automattic’s subsequent acquisition of WooThemes. Many actors are moving more aggressively to leverage or retain their market position. Syed Balkhi is on a buying and building spree (1, 2, 3, 4). Ninja Forms did a ground-up rebuild. Pippin’s shedding non-essential products (1, 2) and purging some third-party addons.

        The ecosystem looks increasingly unfriendly to us go-it-aloners. Automattic was the first to go big. Given exclusive commercial access to the WordPress trademark, it carved out its own space and split WordPress down the middle. Now the other half — the WordPress for the rest of us — is going big too.

        The nice thing about being a small operator is that you only need a tiny sliver of the pie. But as the size of the market has grown, it’s become more difficult to attract attention. Showing up with a good product isn’t enough.

        Going it alone, together

        My lifestyle business is working well for me. Revenue keeps inching up. Slowly.

        But it might not make it in a different kind of WordPress space. I’ve been thinking a lot about that lately. And I bet you have too.

        Where’s the market going? What am I willing to trade to survive? Which headaches are worth changing direction for and which headaches aren’t?

        Here are some of the ideas I’ve been tossing around:

        Contractors

        Hiring out. I could scale up or down easily, depending on how well it goes. But it’s tough to manage quality when juggling vendors.

        And what would I contract? I’d like to shed my bumbling efforts in marketing and traffic generation. But that seems like precisely the kind of job full of jackals who don’t know what they’re doing.

        Ok, that’s harsh. I’ll just say: I worry it’d be a headache to manage it well.

        Theme development seems the most plausible, since there’s a large body of talented, hungry themers washing up from the stormy seas of ThemeForest. But it may be the least valuable since the market is being swallowed up by a few big themes.

        Commissions

        Affiliate marketing is already working for me. A little. I could go further and recruit theme or plugin developers to sell from my site on commission.

        Then I’m saddled with support for products I didn’t build. Can I maintain quality? Can I drive enough traffic to be an attractive outlet for them? Will I end up with all of the headaches I wanted to avoid?

        Partnerships

        Maybe I’ll trade in my king-of-the-hill cap and bring on partners. Not employees. Genuine partners with overlapping skill sets. Instead of being a go-it-aloner we can be two or three go-it-aloners going it alone together!

        Or maybe that’s just a terrible way to run a business.

        Alliances

        There are a lot of us out there. Independent themers looking to expand beyond ThemeForest or give up on the old freemium approach of the official repository. Plugin developers looking for a new home or seeking out themes that will integrate with their plugins.

        We could probably do something special if we made stronger alliances. Combined to build to stronger platforms for our products.

        But that sounds like a lot of project management. Isn’t that what we were hoping to avoid?

        I don’t know. I’m going to go write some code.

User Representations

"Numbers Don't Lie, Check the Scoreboard"

Download Counter