WordPress, the most common content management system (CMS) on the Web, has about 60% market share. It is even found on nearly a third of all web sites, not just those running a CMS. Given this enormous presence, WordPress has changed the Web quite a bit through its existence. Here are seventeen trivia about WordPress.
If one person were to work on WordPress by themselves, it would take [them] 151 years of work to complete the project. Of course, there were many more people helping to build WordPress, but it's fun to think about how much went into the development of this software so many people use today. And to think they did it for free!
[...] It's hard to find a piece of software that is more influential than WordPress. It's used by millions of people all around the world, and because it's so good, and also because it's free, it will likely continue to be the CMS of choice for years to come. But no matter what happens, we can always be grateful for WordPress for making it easier for us to build websites, connect with one another, and turn the internet into what it was always meant to be: a safe space for free speech and uncensored self-expression.
My first web page was back around 1994, hand coded, learning HTML by trial and error. In retrospect we had things easy.
That was followed by a number of years of Dreamweaver, a program that worked very, very well for me for some moderately big sites, then later several years of Wordpress based sites because it was fast and easy.
It's time again to upgrade our sites, and what I'm hoping to find is an open-source package that will do what Dreamweaver did, but bring that ease of use into an age of CMS and responsive design. My specific goals are below.
[More after the break.]
WordPress now powers 30% of web sites, regardless of whether they use a content management system (CMS) or not. This is a 5% increase over the last few years.
The Next Web summarizes:
That's according to W3Techs, a service run by Austrian consulting firm Q-Success that surveys the top 10 million sites ranked on Alexa. Its numbers are updated daily, and today it sees WordPress accounting for 60 percent of the CMS market.
WordPress has been in the lead for a good while now, with rival systems like Joomla, Drupal, Magento, Shopify, Google's Blogger, and Squarespace trailing by a huge margin (Joomla takes the #2 spot with 3 percent of sites). Of course, it's worth noting that 50 percent of all sites are either built from scratch or utilize CMSes presently not monitored by W3Techs.
So WordPress has a wide lead over similar tools like Joomla, Drupal, and several others. WordPress started about fourteen years ago back in 2003 and is built from PHP. It would have been interesting to see a break down of the mixed 50% in regards to how much has returned to static pages.
WordPress—the leading blogging and content management system across the web—is releasing version 5.0 on Thursday [6 Dec]. This marks the first major update in a year, and the most substantive update to the platform in several years, bringing with it a variety of speed optimizations and new features intended to make it more flexible to fit an increasing number of use cases.
The largest change coming to WordPress 5.0 is the Gutenberg editor, which completely reimagines the way writers and other content creators interact with their website. In contrast to increasingly popular markup editors used in other blogging software, the Gutenberg editor is fundamentally WYSIWYG, though with a design flexibility that allows content to be easily reformatted across screen sizes and devices.
Hackers exploit critical vulnerability found in ~100,000 WordPress sites:
Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.
The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by Website security company WebARX. By Tuesday, WebArx reported that the flaw was under active exploit with almost 17,000 attacks blocked so far. Hanno Böck, a journalist who works for Golem.de, also spotted active attacks and reported them on Twitter.
"There's currently a severe vuln in a wordpress plugin called "themegrill demo importer" that resets the whole database," Böck wrote. "https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"
[...] The bug stems from a failure to authenticate users before allowing them to carry out privileged administrative commands. Hackers can abuse this failure by sending Web requests that contain specially crafted text strings.
"This is a serious vulnerability and can cause a significant amount of damage," WebARX researchers wrote in this weekend's disclosure. "Since it requires no suspicious-looking payload just like our previous finding in InfiniteWP, it is not expected for any firewall to block this by default, and a special rule needs to be created to block this vulnerability."
Specifically, the vulnerability allows attackers to delete all tables and populate the database with default settings and data. Accounts named "admin," assuming any exist, are set to their previously known password. In the event accounts named admin exist, the attacker will find themselves logged in with administrative rights.
(Score: 0) by Anonymous Coward on Monday March 30, @07:37PM
You say it would take a single programmer 151 years of work to complete the project, but if this person were smart they'd omit all the code related to security flaws and then finish the project in 2.4 years. Plus, they'd probably save a few more months by not having to draft a boneheaded CoC.
(Score: 2) by edIII on Monday March 30, @07:51PM (1 child)
Worst piece of shit software ever. Impossible to truly secure, ever.
This is the equivalent of putting on lipstick, bending over, liberally applying butter, and then yelling with a bullhorn for hackers to abuse your "ports" repeatedly.
I wonder what the actual costs are to business for using that hot mess. Off the top of my head I know two businesses that were down for over a month while their Wordpress sites were repeatedly hacked, over, and over again. They had to change three hosting providers before it stopped. For now.
The best recommendation for anyone regarding Wordpress is to turn around, and run, not walk, but run.
(Score: 0) by Anonymous Coward on Monday March 30, @08:01PM
Was that a problem with Wordpress or with some extension to Wordpress?