WordPress as a platform has been a solid, secure application over the years. The few times a vulnerability has been found, the WP team has been super-fast to patch it, publicize it, and take care of business.
That said, there are two major areas where WordPress lacks in security:
There are so many plugins for WordPress, which is part of what makes it so great. However, those plugins can also present attack vectors, and we see evidence of this almost every day.
It was just revealed that most WP users have very little understanding of the risk they are lending to their own websites. Not updating plugins, not updating WP itself, and not doing backups, are the most easily fixed things that people tend to not do.
This puts WP websites at risk, lets them get hacked, and gives WordPress as a whole a bad wrap.
The survey of 503 WordPress users, which took place online during February this year, revealed that WordPress users are more exposed to security problems than expected. In total, 54 percent of respondents said they updated WordPress between once a week and every few weeks, and yet only 24 percent back their websites up — and only 23 percent have received training in the use of tools such as backup plugins.
On that note, I thought I’d mention that the most popular SEO plugin for WordPress, Yoast’s WP SEO, has a new, major vulnerability in it. GO UPDATE!
Looks interesting, and makes complete sense that the platform veers this direction. The changes will be big, but the product will be better.
A(nother) New Era of WordPress
While laid up feeling ill this weekend I decided to whip out a new logo and website design for my band, The Night Trotters. There is still a wee bit of tweaking to do, but it’s close to being complete. Check it out!
The Night Trotters
If you are not a fan of making your own theme, you can use the nifty Find Themes website to pick one that suits your needs. While I have built many a WordPress theme from scratch, on this site, I tend to try out different themes other people have made so that I can learn more about the whole process. Now that I’ve found Find Themes, you may be seeing the theme here change again very soon.
WordPress 3.8: New Features and What To Look Out For.
I’ve been using the MP6 plugin on this website for quite some time, and now it will be part of WordPress by default. It’s a good bit different from what you may be used to visually, but it is a much easier interface to use. I’m looking forward to it.
This year we have seen the dawning of the responsive design craze amongst web designers and developers. I remained skeptical about the trend, primarily because I was raised in the world of good usability and accessibility, and breakpoints and adaptive images seemed incongruous and presumptuous with the foundations of those schools of thought. While responsive design proponents like to say that multi-device adaptation is providing good usability, I disagree.
Relating to my favorite CMS, WordPress, the whole responsive design trend has rubbed me in even more wrong ways. I’ve watched designer after designer dive into responsive WordPress themes, and I’ve even tried using a few myself, only to leave me wondering…why?
This article has some great analyses on this exact topic, and it provides some good food for thought in regards to responsive design and WordPress. From the article:
My biggest issue with responsive design is that it is a reactive client-side approach which, in the context of a server-side content management system like WordPress, seems completely unnecessary.
What are your thoughts on responsive design and WordPress?