Interview with Matt Mullenweg, WordPress
Matt Mullenweg, the founder developer of WordPress, has been kind enough to take the time to answer some questions that I recently put to him. Here’s what Matt says about himself on his website:
“I am the founding developer of WordPress, the blogging software that runs much of this site and thousands of other sites around the world. The website says WordPress is “a state-of-the-art semantic personal publishing platform” but more importantly WordPress is a part of who I am. Like eating, breathing, music, I can’t not work on WordPress. The project touches a lot of people, something I’ve recently begun to appreciate. I consider myself very lucky to be able to work on something I love so much.”
BlogSecurity: What do you think sets WordPress apart from other blogging and CMS software packages?
Matt: WordPress has a rich community of support, plugins, and themes around it that constantly amazes me with its vibrancy. What that means for users is almost anything you can imagine can be done with WordPress (and someone has probably already written a plugin for it).
Of course out of the box it has some pretty compelling functionality and simplicity as well, as evidenced by the popularity of WordPress.com.
BlogSecurity: Why do you think that WordPress is so successful?
Matt: Because it was in the right place at the right time with the lucky ingredients.
BlogSecurity: Did you ever think that it would have so many users? How many WordPress blogs do you estimate are out there?
Matt: In my wildest dreams I would have expected a few thousand sites running it. I’d estimate there are between 2-3 million blogs using it today. More importantly though, WordPress bloggers tend to be the cream of the crop. It’s the 2-3% of the blogosphere that really knows what they’re doing.
BlogSecurity: A few months back, WordPress was hacked and backdoored with some dangerous code. You guys seemed to respond quickly, but how did it happen and what measures have been taken to prevent these sort of attacks in the future?
Matt: To clarify, one of the boxes hosting WordPress.org was compromised using a non-root account and some unwise systems settings. Afterwards we implemented a range of local and remote security and monitoring, so it’s highly unlikely for such an event to occur again and if it does we’ll know immediately.
BlogSecurity: There has been talk of WordPress paying for a full security code audit. What truth is there to this and what can you tell us about it?
Matt: I think it’s a good idea. I’m always looking for ways for the commercial success of Automattic to feed back into the broader community and I think that a professional security audit would be a great example of that. Everyone wins.
BlogSecurity: Is there a chance that WordPress will get bought out and that future releases will become commercial?
Matt: Not at all. WordPress is GPL-licensed with dozens (hundreds?) of copyright holders who would have to all agree to relicensing. Even if it were feasible, it goes against my personal philosophies.
My company Automattic could be bought or go belly up or anything that happens to normal corporations, but WordPress.org and the WP-the-software are completely separate so they would continue independently.
BlogSecurity: Most WordPress users know all about Akismet, your anti-spam plugin for WordPress. Could you share with us the basic idea of how it does what it does?
Matt: Spammers have tens of thousands of computers attacking your blog and you’re all alone. Akismet allows you to team up with over a million of your neighbors to help protect each other.
BlogSecurity: What does the future hold for WordPress?
Matt: Three major releases a year, dozens of user-driven features, thousands of plugins and themes and countless hours of fun for the whole family.
BlogSecurity: What do you think of BlogSecurity and its contributions to the blogging community thus far?
Matt: I think they’ve been well-intentioned but sometimes strike me as alarmist. I’d love to see more of the contributors participate in Trac and our development movement.
BlogSecurity: Are you working on any new projects that you’d like to share with our readers?
Matt: Right now I’m pretty heads-down in version 2.3, the update system and a new advanced caching plugin.
Random Posts
If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
[...] Mullenweg on Blog Security: Matt Mullenweg did an interview on the Blog Security blog about the issues of security and WordPress. Besides tackling security questions, Matt [...]
[...] A entrevista a seguir é uma tradução autorizada por David Kierznowski da entrevista que Matt Mullenweg concedeu ao blog BlogSecurity. O texto original, em inglês, pode ser lido em http://blogsecurity.net/wordpress/interview-140807/. [...]
[...] Matt Mullenweg concedeu uma breve entrevista para o BlogSecurity sobre o futuro do wordpress. Felizmente o Pedro Augusto do Security Hub foi autorizado a traduzir [...]
[...] but sometimes we can’t even trust known, reputable authors. Some of you may remember when a WordPress hosted systems was hacked and a new release of WordPress backdoored. Loads of people were downloading the new version of [...]
As for the BlogSec team getting involved in Trac and dev, I think there is definately some great synergy potential here, TBD me thinks. Thanks again Matt.