50 Shades of WordPress


My presentation at WordCamp Raleigh 2012 entitled "50 Shades of WordPress," a conversational piece on the commercial community (products and services) and the shady happenings of which users, designers and developers should be aware.


  • 1. 50 Shades of WordPress. WordCamp Raleigh 2012 #wcraleigh #50shadesofwp @theandystratton
  • 2. The Stories.
  • 3. The Naive Designer/Developer
  • 4. Tim Was Never Safe (His PHP Vulnerability)
  • 5. The Stranger
  • 6. Real Problems.
  • 7. Shops Using Found Code.
  • 8. Breaking Shortcodes.
  • 9. Authors admitted to using code they never reviewed.
  • 10. And to be honest we did not know that we have a function like this in our code [...]
  • 11. Neither do we understand what it does right now [...]
  • 12. We got the backbone of our WP themes [...] from some other [...] author
  • 13. [...] and just [built] a theme on it.
  • 14. Unsecured Third-Party Code Libraries. (Without Protection) TimThumb without proper config. Server permissions, setup, etc.
  • 15. Missing Key Security Practices. Escaping input and outputs. Attributes, URLs, HTML. Nonces and form security.
  • 16. GPL Non-Adherence. Encrypted code: base64, ioncube. Requiring footer links (site shutdowns, database injections). Use of malware tactics to advertise!
  • 17. Poor Support. Freelancers. Commercial Products.
  • 18. (Some) Freelancers. Taking money without providing value. Extremely late or never finish. Can't do what they say they can.
  • 19. (Some) Commercial Products. 1000 downloads, 4000 support requests. Users publicly dissatisfied on boards. Minimal enforcement by marketplaces.
  • 20. Code Compatibility. Not using Core APIs. Turning off core actions/filters. Breaking shortcodes/plugins.
  • 21. Show Me Yours. Have you experienced any shadiness?
  • 22. How Do We Balance This Stuff?
  • 23. Report Bugs. To WordPress Core (Trac). To products and themes.
  • 24. To be fair: If they don't know, they can't fix it.
  • 25. Demand Support. Based on what you paid/what's offered. Follow their normal channels. No response? Escalate.
  • 26. No Support? Be Loud. Call out on Twitter/Blog. Recommend others not to use. Tell your friends/clients.
  • 27. Referrals. For Products. For Freelancers. Look at real world examples. Ask People. Don't feel weird.
  • 28. Referrals. For products and freelancers. Look at real world examples. Ask People. Don't feel weird.
  • 29. Do You Build Products? Are You a Freelancer?
  • 30. Do Awesome Work.
  • 31. Provide Awesome Support.
  • 32. Be an Awesome Experience.
  • 33. You're a User/Client/Customer?
  • 34. Support Quality Products.
  • 35. Support GPL Adherent Products.
  • 36. Support Quality, GPL Adherent Products.
  • 37. :*