Best of WordPressOctober 2024

  1. 1
    Video
    Avatar of fireshipFireship·2y

    The WordPress ecosystem has lost its mind…

    The post discusses escalating drama in the WordPress ecosystem involving Matt Mullenweg, Automattic, and WP Engine. Triggered by Automattic's demand for royalties from WP Engine, the conflict has led to legal battles, public controversies, and significant community backlash. The detailed timeline reveals conflicts over trademark usage, financial contributions to the WordPress community, and accusations of improper business practices, significantly impacting WordPress users and developers.

  2. 2
    Article
    Avatar of controversycontroversy.dev·2y

    WordPress Drama: Automattic vs WP Engine

    The WordPress ecosystem is experiencing a significant dispute between Automattic and WP Engine. This conflict could have notable implications for the community, given the prominent roles both companies play in the WordPress space.

  3. 3
    Article
    Avatar of dhhDavid Heinemeier Hansson·2y

    Automattic is doing open source dirty

    Automattic is demanding 8% of WP Engine's revenues, which is seen as a violation of open source principles and the GPL license. This move has potential negative implications for the broader open source community. The GPL license usually includes provisions for no warranty and sometimes requires modifications to be open source, but it does not support arbitrary financial demands. The expectation of financial contributions without clear legal backing undermines the clarity and certainty of open source licenses.

  4. 4
    Article
    Avatar of hnHacker News·1y

    So Long WordPress

    After 14+ years of contributing to WordPress in various capacities, the author has decided to leave the project. Disillusioned by the community's dishonesty and abusive practices, they believe WordPress has become an ecosystem that often exploits its contributors. The author highlights severe issues within the community and expresses concerns about the current state and future of WordPress, emphasizing the need for proper governance. They have archived their projects and stepped away from WordPress-related activities, urging others to consider the consequences of their involvement.

  5. 5
    Article
    Avatar of hnHacker News·2y

    WordPress Alternatives

    Looking for alternatives to WordPress? This post highlights a variety of CMS options that can be downloaded and installed on a server, eliminating the need for API and git-based CMSs. Recommended alternatives include Ghost, Magic Pages, Kirby, Indiekit, Craft CMS, ClassicPress, and Statamic, with notes on their benefits and drawbacks. Additionally, there is an honorable mention of Anchor, a now-defunct PHP-based CMS.

  6. 6
    Article
    Avatar of dhhDavid Heinemeier Hansson·2y

    Open source royalty and mad kings

    The concept of Benevolent Dictator For Life (BDFL) in open-source projects like Linux, Python, and Rails allows for strong, decisive leadership and has proven effective over decades. However, this model isn't flawless and has recently faced scrutiny, especially highlighted by an escalating dispute between Automattic and WP Engine. Automattic's moves, including blocking access and expropriating a plugin, have raised concerns about the neutrality of open-source registries, emphasizing a need for neutral, conflict-free zones in the open-source ecosystem.

  7. 7
    Article
    Avatar of wptavernWP Tavern·1y

    Developers Remove Plugins From WordPress.org Repository After ACF Controversy

    Several plugin authors are removing their plugins from the WordPress.org repository following the ACF to Secure Custom Fields fork incident. Gravity PDF, BE Media from Production, and Paid Memberships Pro are among the notable plugins transitioning to self-hosted distribution. Concerns about WordPress.org’s actions and potential security risks have prompted these moves.

  8. 8
    Article
    Avatar of communityCommunity Picks·2y

    WordPress Security - is it really that bad?

    WordPress' security reputation is often criticized due to its low barrier of entry and reliance on plugins and themes, which generate most vulnerabilities. Despite this, the core WordPress CMS is relatively secure, and recent years have seen significant improvements in finding and addressing security issues. The market is also evolving, with larger companies investing more in security. Areas that need attention include better visibility for closed plugins and security researchers, and cleaning up some legacy code quirks. Overall, while there is still work to be done, the security landscape for WordPress is improving.

  9. 9
    Article
    Avatar of systemweaknessSystem Weakness·1y

    WordPress Penetration Testing: A Hacker’s Playbook

    WordPress penetration testing involves understanding the platform's structure, including user roles and common vulnerabilities. Significant targets include the wp-config.php file, plugins, themes, and user roles ranging from administrators to subscribers. Key techniques include checking for default credentials, examining backup files, and exploiting weak spots such as the XML-RPC interface and REST API. Effective tools and methods include WPScan for quick site scans, user enumeration, and surveillance of upload functions.

  10. 10
    Article
    Avatar of newstackThe New Stack·1y

    WordPress Alternatives: Stick With PHP or Pivot to JavaScript?

    Many developers and IT managers are considering alternatives to WordPress due to its continued reliance on PHP, which has significantly declined in popularity. Increasing interest in JavaScript-based systems like Ghost and Payload reveals a trend towards more modern content management solutions. PHP advocates suggest Craft CMS and Drupal as viable options for those wishing to stick with PHP. Switching from WordPress could be challenging, but exploring alternatives might be beneficial, especially for those looking to avoid associated controversies.

  11. 11
    Article
    Avatar of wpbeginnerWordPress Beginner·2y

    What’s Coming in WordPress 6.7 (Features and Screenshots)

    WordPress 6.7 will introduce a new default theme called Twenty Twenty-Five, significant improvements to the block editor, and enhanced site editing tools. Major updates include support for HEIC image uploads, a zoom-out view for easier content layout editing, and a refined Query Loop Block. Additionally, enhancements are made to the Preview Options API, font customization via a new Font Library, and advancements in the Interactivity API. The update aims to boost media compatibility, performance, and offer a better user experience through various under-the-hood improvements.

  12. 12
    Article
    Avatar of wpbeginnerWordPress Beginner·2y

    6 Best WP Engine Alternatives (More Affordable and Reliable)

    This post lists six viable alternatives to WP Engine for WordPress hosting. It includes recommendations such as Rocket.net for high-traffic sites, SiteGround for overall best performance, and Hostinger for affordability. Each hosting provider is evaluated based on reliability, price, and customer support. The post also discusses the importance of performance and provides guidance on migrating away from WP Engine, including the option of professional migration services.

  13. 13
    Article
    Avatar of wpmayorWP Mayor·1y

    JetFormBuilder Review: An Affordable and Efficient Form Builder

    JetFormBuilder is a WordPress plugin designed to simplify form building with an intuitive interface and extensive functionality. It supports over 20 types of form fields, conditional logic, drag-and-drop building, and multi-column layouts. Pro add-ons enhance its capabilities, including payment integration, multi-step forms, and document generation. JetFormBuilder is cost-effective, with free and premium plans, and offers extensive documentation and support.

  14. 14
    Article
    Avatar of systemweaknessSystem Weakness·2y

    Hacking a WordPress Blog

    This post describes a Capture The Flag (CTF) challenge involving a WordPress blog on TryHackMe. It details steps like port scanning, web reconnaissance, using WPScan for vulnerability detection, enumerating users, brute-forcing passwords using Metasploit, and exploiting a Remote Code Execution (RCE) vulnerability in WordPress version 5.0. The post concludes with a successful privilege escalation using a script running with SUID permissions.

  15. 15
    Article
    Avatar of wpWordPress·2y

    Building Studio in Public: How Open Source Collaboration Enhances Studio

    Studio, an open source local WordPress development app, integrates with WordPress Playground to enhance its functionality. This collaboration allows for mutual improvements and quick bug fixes. Challenges include managing cross-platform compatibility, performance, and database handling with SQLite. Recent contributions have improved compatibility with various plugins and themes, making Studio more versatile. Developers are encouraged to contribute to both Studio and WordPress Playground to drive further innovation.

  16. 16
    Article
    Avatar of managingdevManaging Dev·1y

    Sometime leadership requires bold moves

    Automattic, the company behind WordPress.com, faced a legal issue and responded with a bold leadership move by offering a generous buy-out package to employees to either stay committed or leave. The offer, termed 'Alignment Offer', resulted in only 8.4% of employees choosing to leave, showcasing an impressive outcome despite the high risks involved.

  17. 17
    Article
    Avatar of phProduct Hunt·1y

    WP Monitor - Real-Time Analytics for WordPress Plugins and Themes

    WP Monitor offers real-time analytics for WordPress plugins and themes. Launched on October 16th, 2024, it is designed to provide developers with insights into the performance of their WordPress components.

See all WordPress archives