50 Shades of WordPress


My presentation at WordCamp Raleigh 2012 entitled "50 Shades of WordPress," a conversational piece on the commercial community (products and services) and the shady happenings of which users, designers and developers should be aware.


  1. 50 Shades of WordPress. WordCamp Raleigh 2012 #wcraleigh #50shadesofwp @theandystratton
  2. The Stories.
  3. The Naive Designer/Developer
  4. Tim Was Never Safe (His PHP Vulnerability)
  5. The Stranger
  6. Real Problems.
  7. Shops Using Found Code.
  8. Breaking Shortcodes.
  9. Authors admitted to using code they never reviewed.
  10. “And to be honest we did not know that we have a function like this in our code [...]”
  11. “Neither do we understand what it does right now [...]”
  12. “We got the backbone of our WP themes [...] from some other [...] author”
  13. “[...] and just [built] a theme on it.”
  14. Unsecured Third-Party Code Libraries. (Without Protection) TimThumb without proper config. Server permissions, setup, etc.
  15. Missing Key Security Practices. Escaping input and outputs. Attributes, URLs, HTML. Nonces and form security.
  16. GPL Non-Adherence. Encrypted code: base64, ioncube. Requiring footer links (site shutdowns, database injections). Use of malware tactics to advertise!
  17. Poor Support. Freelancers. Commercial Products.
  18. (Some) Freelancers. Taking money without providing value. Extremely late or never finish. Can’t do what they say they can.
  19. (Some) Commercial Products. 1000 downloads, 4000 support requests. Users publicly dissatisfied on boards. Minimal enforcement by marketplaces.
  20. Code Compatibility. Not using Core APIs. Turning off core actions/filters. Breaking shortcodes/plugins.
  21. Show Me Yours. Have you experienced any shadiness?
  22. How Do We Balance This Stuff?
  23. Report Bugs. To WordPress Core (Trac). To products and themes.
  24. To be fair: If they don’t know, they can’t fix it.
  25. Demand Support. Based on what you paid/what’s offered. Follow their normal channels. No response? Escalate.
  26. No Support? Be Loud. Call out on Twitter/Blog. Recommend others not to use. Tell your friends/clients.
  27. Referrals. For Products. For Freelancers. Look at real world examples. Ask People. Don’t feel weird.
  28. Referrals. For products and freelancers. Look at real world examples. Ask People. Don’t feel weird.
  29. Do You Build Products? Are You a Freelancer?
  30. Do Awesome Work.
  31. Provide Awesome Support.
  32. Be an Awesome Experience.
  33. You’re a User/Client/Customer?
  34. Support Quality Products.
  35. Support GPL Adherent Products.
  36. Support Quality, GPL Adherent Products.
  37. :*
