Subscribe to
NSLog(); Header Image

WordPress Security

John Gruber thinks it stinks. Another John says "don't blame the victim."

I think John Gruber goes a bit over-board in dissing WordPress. I don't know why, but he seems to have an axe to grind with WordPress. It came off that way to me just as it came off that way to many others. In fact, I'm surprised anybody could take it differently - the bias and sneering seemed rather evident to me.

In the end, I don't really care what John thinks about my blogging platform of choice. Those who have known me for quite awhile realize I spent quite a lot of time with MovableType. Suffice to say I'm very, very happy with my move to WordPress.

Updating used to be a pain. It hasn't been for quite awhile with the auto-update feature. To John #2's point, there's a fine line between "blame the victim" and "issue a warning or reminder." Yes, someone still "hacked your site," but those kind of people exist. That's the world we live in. People know this and failing to update may cost them a whole lot more time and heartache in the future than the time they would have spent updating in the past.

I too refuse to blame the victims - the people that do these attacks are scummy human beings - but I do want to echo the warning/reminder: keep your sites up to date. At least make the effort to get to WordPress 2.7-ish or whatever version enables the auto-update deal.

And check out what Chuck Goolsbee had to say about an added layer of protection at the second link.