[wp-hackers] wordpress security

Stephen Rider wp-hackers at striderweb.com
Wed Oct 21 19:22:27 UTC 2009

On Oct 21, 2009, at 9:03 AM, Otto wrote:

> A site that the admin has not visited in 2 months is, IMO, a dead
> site. No new content, no readers, nobody caring for it...

Otto, I respect your contributions to WordPress, and this isn't only  
directed at you.  But...

In the past, I've asked for advice on using WordPress as a straight  
CMS rather than a blog platform.  Such questions are routinely  
answered with remarks along the lines of, "It is a CMS, Dummy."*

Fine it's a CMS.  But as such we must accept that many users are using  
WordPress to set up their sites, and edit them when needed, but are  
NOT routinely adding new content, /a la/ a blog.  In such  
circumstances, a site can **easily** go two months without being  

I just don't understand this "screw 'em" attitude.  There is a  
legitimate need here, and insisting that those users are just clueless  
lusers seems arrogant to me.

I'm starting to lean toward the argument that changing the default  
blog post may be the best solution. Great, so let's do it.  While  
we're at it, let's add a note in Admin (the Tools page maybe?) that  
also talks about the notification list.

But please stop staring down your nose at a large (and growing)  
section of WordPress users.  It does the platform a grave disservice  
if only the "cool kids" are allowed to play.

(As a side note -- I do swing dance as a hobby, and there used to be a  
swing club/bar in Chicago that I loved to go to.  One night I took my  
brother along, thinking he might like the atmosphere.  His comment  
later what that the whole place gave him a feeling that "this is a  
private club and you're not a member".  The place closed down about a  
year after it opened -- probably exactly for the reason that it  
couldn't get customers beyond those who were "in the club".  I never  
noticed it myself, because I was a "member" without realizing it.)



* The attitude toward people asking about "WordPress as CMS" is  
widespread and wrongheaded (including coming from one developer with  
whom I've had a very friendly relationship.)  As long as the "blog  
post" aspect is front and center, people will -- legitimately --  
consider it "blog software".  Personally I would love to see a plugin  
that entirely removes or conceals the post/comment areas of the  
admin.  Perhaps my next project....

Stephen Rider

More information about the wp-hackers mailing list