As most of the people who would be reading this blog would know by now, today is the 10th Anniversary of the first relase of WordPress. All over the world, people are taking some time today to reflect upon this milestone, and of their time with this software. Even while celebrating Memorial Day here in the US, I’ll be hosting a party tonight at the Geek Easy in Orlando.

Barcamp Orlando 2013I myself have been with the software just around five years, since 2008 and right around the release of version 2.5. I remember when I started searching for a new way to easily manage websites, since up until that point I’d been hand-coding them in HTML. I was not yet professionally building websites, but doing so for school assignments, for friends and for fun. During my travels through the world of website management, I discovered a free platform that I could easily install via Fantastico on my hosting control panel. I began building in earnest with this tool, first for myself, then for friends, finally for some clients. I admit that I can’t recall which client was the first to pay me to build with WordPress as opposed to static work, but I do recall building a website for an employer on the job, making my regular hourly to do the work.

From there I’ve been offered a great many opportunities. I’ve held a few jobs relating to computers in other ways, such as database management for a radio station and was a computer technician for a while (I much enjoy playing on the web to fixing problems where the easiest answer is “buy a new computer”). I’ve had several jobs with other companies specifically as a WordPress developer, slowly growing my skills over time. There’s no way I can honestly say that I’m not still growing and learning new things on a regular basis. In a few more years I’m sure I’ll look at where I am today and shake my head at that youthful folly.

Last year I decided to take the plunge into freelancing full time. I had already been doing so for a few clients, and wanted to free myself up to pursue passions. To continue with honesty, I’ve not made the most that I could of this time, but I’m still enjoying myself and making plans for the future. I help organize the Orlando WordPress Meetup, as well as WordCamp Orlando. I teach and do support, build custom plugins and themes and try to be a general resource in the area for my fellow WordPress aficionados.

I imagine that if a few years ago someone told me that I’d be focused so heavily in one thing that I’ve planned a party and based most of my life around a piece of software, I’d have thought that they were crazy. Now that the time has come though, I can see many paths that I’ve been offered, and the one that I’ve taken has the possibility of taking me to that ideal, to the place that makes me satisfied with my impact on the world.

Thank you WordPress, thank you Matt, and thank you to the rest of this wonderful community for all that you have done. I want to be here in ten more years celebrating again.

The following is a slightly altered response that I gave to a potential client about the perceived security differences between WordPress and other CMS’ such as Drupal and Joomla. I’ve added a few links and a bit of my personal snark here to ward off a few comments.

Not just a show of security like this CC image courtesy of Alexandre Dulaunoy on Flickr
Not just a show of security like this.
CC image courtesy of Alexandre Dulaunoy on Flickr
WordPress is a stable and secure CMS, blogging tool and application framework. There are a few reasons why people might say that it is insecure, mainly due to attacks that have occurred on WordPress sites in the past, as well as noteworthy attempts to attack multiple WordPress sites at once. One of the main reasons for this is the popularity of the platform, which powers about a quarter of all sites being built now. Just as there are far more viruses and attacks on Windows computers than there are viruses made to attack Mac computers (yes, mac viruses do exist people), more people will focus on the more popular system to attack. It’s not that it is easier or harder one way or the other, simply that most hackers work randomly, with no focus on the actual owners of the sites/machines, but looking to exploit as many as they can.

WordPress is secure because of the popularity. It is an open source framework that is constantly being updated and checked by tens of thousands of developers, all of whom can play a hand in updating the software. This means that chances are, if a security flaw is found in WordPress core or a popular plugin, it will be announced and patched quickly. Compared to closed source systems with a small development pool, this is much more stable and able to withstand attacks.

The main reason that WordPress might seem insecure to some is the fact that any code can be run on a WordPress site. Specifically, I’m referring to themes and plugins, which can be developed by anyone, with a variety of skill levels and levels of security in mind. This is why it is very important to keep all of your themes, plugins and especially the WordPress core install up to date. Whenever you see a new update, you should apply it.

For a bit more information, WPEngine (my wonderful web host) has been doing a series recently concerning a large (and ultimately unsuccessful) attack against a variety of WordPress sites:

http://wpengine.com/2013/04/were-doing-a-series-on-wordpress-security/
http://wpengine.com/2013/04/security-series-users-can-stay-secure-with-strong-passwords/
http://wpengine.com/2013/04/how-tony-perez-of-sucuri-sets-up-his-own-security/
http://wpengine.com/2013/05/wordpress-core-is-secure-stop-telling-people-otherwise/