Community

A Good Take on the Bots

A Good Take on the Bots

This article on ZDNet makes some great points … namely that WordPress’ very ease-of-use is why it’s a security threat:

WordPress’ big selling point is ease of use. That means it has massive appeal right at the bottom end of the market.

Down at this level, even in 2013, websites are usually little more than static brochureware that gets updated rarely, if at all. With nothing to change, the sites’ owners don’t log into WordPress, so they don’t see the software upgrade notices. Or if they do, they don’t know what they mean.

This is where businesses are reluctant to spend even a thousand dollars on a site, so asking them to fork over more money for “maintenance” is a waste of time — what visible difference does it make?

Besides, they’ll say, they have someone who “takes care of” their website.

That someone is generally a “web designer”, not a developer. WordPress has been a boon for them. Its multitudinous free or cheap themes and plugins make it possible to build a decent website with plenty of functionality without having to dirty their hands with actual code. Or dirty their minds understanding it.

Forgive me, for I’m about to commit the sin of extrapolating from personal experience, but in nearly two decades, I have yet to encounter a “web designer” with halfway-decent security practices — by which I mean creating a different login for every human rather than a generic “admin” account, creating strong passwords, not reusing passwords, deleting unused accounts, and not blithely emailing a business’ master internet hosting password to any sub-contractor who might need momentary access.

Indeed, many of those I’ve encountered have deliberately set the WordPress admin password (or its equivalent in pre-WordPress days) to be exactly the same as their client’s hosting account master password, their domain registry password, the login on their PC, and everything else in sight to “make it easier” — because that gets rid of those annoying “I’ve lost my password” support calls.

WordPress is now the tool of choice for these people, and they’ve built millions of WordPress websites.

PREACH.

Source: http://www.zdnet.com/wordpress-attack-highlights-30-million-targets-7000014256/

WPMU wants U

WPMU wants U

In the era of free journalism, WordPress tutorial website WPMU is bucking the trend … they’re not only seeking writers, but they will pay said writers. Up to $500 a post. Well, $500 if it’s truly epic:

We’ll pay you:

Truly epic isn’t the most descriptive term, but the truly epic article they link to–Sibohan McKeown’s “Why You Should Never Search For Free WordPress Themes“–is pretty classic. And it has almost 18,000 incoming links. Which is also pretty epic.

They don’t just promise money, though, they’re offering fame too: They tout Sibohan’s recent acquisition by Audrey Capital as one of the reasons you should totally write for them. And hey … they do index well!

Image: WPMU offices in Melbourne.

Pressgram has been funded!

Pressgram has been funded!

Pressgram has been Kickstarted! John Saddington, WP Daily publisher and all-around entrepreneur, will receive more than $50,000 to put toward his Instagram-inspired brainchild.

Pressgram aims to be a photo-filtering app that will allow users to post their creations directly into WordPress, or share across various social networks.

In addition to the direct-to-WordPress option, the key difference between Pressgram and Instagram is in the content philosophy: Pressgram declares all photos are the sole property of the user.

The successful funding was a bit of a last-minute rally, as earlier this week WordPress co-founder Matt Mullenweg pulled his $10,000 pledge after realizing the project conflicted with his open-source ethos:

But the WordPress community supported the project nonetheless, with some offering their followers even more incentives if they made or upped their pledge.

With 6 hours left in the campaign, Pressgram is $2K over their funding goal.