Category Archives: WordPress

State of the Word 2011

Just in case you missed yesterday’s State of the Word presentation, it’s now available on WordPress TV:

The slides are also available on Slideshare.

Here are some key takeaways from yesterday:

  • We had over 1,000 people attending WCSF and many more watching the livestream, making it the biggest WordCamp yet.
  • The survey of 18,000 WP users revealed some interesting data, like a median hourly rate of $50 and that 6,800 of the self-employed respondents were responsible for over 170,000 sites personally.
  • WordPress 3.2 had 500,000 downloads in the first two days, representing the fastest upgrade velocity ever.
  • WordPress now has 15,000 plugins and 200 million plugin downloads, and we’re doing a lot of work to make the plugin experience more seamless.
  • 14.7 percent of the top million websites in the world use WordPress.
  • 22 of every 100 active domains created in the U.S. are running WordPress.

In true WordPress fashion, we’ll be open sourcing the raw survey data so people can slice and dice it their own way to find interesting trends or patterns, like breaking down the hourly rates by geography.

Special thanks to Pete Davies, who was responsible for the survey and helping craft the narrative of the keynote, and Michael Pick who did the same and also designed all the slides and animations you saw. Michael is going to prepare a blog post with all of the inspirations and allusions in the slides for those of you curious about the story behind the design.

Update: Raw data and a few other updates are now available on WordPress.org.

The TimThumb Saga

Last week there was a serious flaw found in the code behind TimThumb, an image re-sizing library commonly used in premium themes.* Because the code is commonly embedded in themes it’s not easy to discretely update like it would be if the code were a plugin, and even when a theme is updated people are hesitant to update because they often customize theme code rather than making child themes, so if they were to overwrite their theme with a new version they’d lose their modifications. That, combined with the severity of the flaw, means that this is one of the more serious issues in the WordPress ecosystem in a while, even more than normal because it wasn’t in core.

It could have gone a lot of ways, but the incident brought out the best in the community. The core team sprang into action searching through the theme directory to inoculate any themes that contained the dangerous code. Community blogs quickly got the word out about the problem so people were aware of it. Mark Maunder, who originally discovered and broke down the problem, created a fork of the code called WordThumb that rewrote TimThumb from the ground up. Forking is not usually ideal because it fragments the market for users but Mark soon connected with Ben Gillbanks, long-time WordPress community member, and they’ve teamed forces to release TimThumb 2.0, a collaboration that exemplifies Open Source at its finest. An updated plugin should be in the directory shortly.

It also illustrated the original vision I had behind VaultPress. In addition to reporting early and emailing customers with vulnerable code, the following morning they had devised a way to go in and surgically correct vulnerable code on over seven hundred affected websites. This fixing-problems-while-you-sleep delighted users and is exactly the kind of problem I hoped VaultPress would solve for people and it underscores the core value of the service. If you’re not using VaultPress for your most important websites yet, you should.

* I originally had a long rant here, but here’s the 13-word version: I’ve seen no correlation between how much something costs and its code quality. This is getting better as more people become familiar with the coding standards of core, and PHP in general, but there is still a long way to go. If you want to avoid this in your own code, check out Theme Check and Log Deprecated Notices to start. If you’re looking for code to base your own theme on, it’s best to start with something like 2010 or 2011.

Fifty Million

As noted on TNW and Adweek, yesterday we passed over 50,000,000 websites, blogs, portfolios, stores, pet projects, and of course cat websites powered by WordPress. I had the good fortune to celebrate this milestone with a few hundred WordPressers at WordCamp Montreal yesterday. (During my Town Hall I wasn’t aware we had passed the number until someone shouted from the audience.) It’s always fun to pass a big round number and over the weekend many libations were consumed with friends old and new, but ultimately the press has always been more concerned with those top-line numbers than we have in the WordPress community. More sites being created is a good benchmark for our adoption, but ultimately WordPress matters not for the blogs it creates but for the lives it affects. We have some huge opportunities this year, particularly around making our software more accessible to the next 50 or 500 million people who want to have a voice online, something I hope to talk more about at WordCamp San Francisco next month.

Blogging Drift

The New York Times has a pretty prominent article today called Blogs Wane as the Young Drift to Sites Like Twitter. The title was probably written by an editor, not the author, because as soon as the article gets past the two token teenagers who tumble and Facebook instead of blogging, the stats show all the major blogging services growing — even Blogger whose global “unique visitors rose 9 percent, to 323 million,” meaning it grew about 6 Foursquares last year alone. (In the same timeframe WordPress.com grew about 80 million uniques according to Quantcast.)

Blogging has legs — it’s been growing now for more than a decade, but it’s not a “new thing” anymore. Underneath the data in the article there’s an interesting super-trend that the Times misses: people of all ages are becoming more and more comfortable publishing online. If you’re reading this blog you probably know the thrill of posting and getting feedback is addictive, and once you have a taste of that it’s hard to go back. You rode a bike before you drove a car, and both opened up your horizons in a way you hadn’t imagined before. That’s why blogging just won’t quit no matter how many times it’s declared dead.

Blogging (with WordPress) is the natural evolution of the lighter publishing methods — at some point you’ll have more to say than fits in 140 characters, is too important to put in Facebook’s generic chrome, or you’ve matured to the point you want more flexibility and control around your words and ideas. (As The Daily What did in their recent switch from Tumblr to WordPress.) You don’t stop using the lighter method, you just complement it — different mediums afford different messages.

Read more: Scott Rosenberg on “Another misleading story”; Mark Evans “Why I Still Love Blogging.”

A New Home for the WordPress Trademark

As I write this, I’m on my way to Seaside, Florida to see 60+ Automatticians at our yearly meetup. More than sixty… that number astounds me! Automattic has grown so far beyond what I originally imagined and every day I’m amazed by my colleagues and the things they create. Today we’re growing in another way: Automattic has transferred the WordPress trademark to the WordPress Foundation, the non-profit dedicated to promoting and ensuring access to WordPress and related open source projects in perpetuity. This means that the most central piece of WordPress’s identity, its name, is now fully independent from any company.

This is a really big deal.

I want to recognize and applaud the courage and foresight of Automattic’s board, investors, and legal counsel who made this possible: Mike Hirshland, Phil Black, Tony Conrad, Toni Schneider, Gunderson Dettmer. I’d also like to thank Matt Bartus of Dorsey & Whitney for their counsel on the Foundation side. The WordPress brand has grown immeasurably in the past 5 years and it’s not often you see a for-profit company donate one of their most valuable core assets and give up control. However, I know in my heart that this is the right thing for the entire WordPress community, and they followed me on that. It wasn’t easy, but things worth doing seldom are.

When Automattic registered the WordPress trademark back in 2006, we were a small startup of a few people: a business founded largely to enable us to work on WordPress full-time instead of hacking around our day jobs. A lot has changed since then — somehow along the way we ended up with an audience of a quarter billion people — but a lot has stayed the same. We’re still a group of people in love with WordPress and free/open source software and we’re lucky to have figured out a way to contribute to the world and flourish as a business while doing it.

Automattic might not always be under my influence, so from the beginning I envisioned a structure where for-profit, non-profit, and not-just-for-profit could coexist and balance each other out. It’s important for me to know that WordPress will be protected and that the brand will continue to be a beacon of open source freedom regardless of whether any company is as benevolent as Automattic has been thus far. It’s important to me to know that we’ve done the right thing. Hopefully, it’s important to you, too, and you’ll continue your support of WordPress, the WordPress Foundation, and Automattic’s products and services. We couldn’t do it without you!

Syn-thesis 3: Switchers

The biggest after-effect of the Thesis license violation episode seems to be raising people’s awareness of alternatives that are both fully GPL and have better functionally too. One theme that seems to be picking up a ton of new users is Genesis. We helped Laughing Squid and Paul Stamatiou make the switch, but Chris Brogan joined the party completely independently. (All formerly in the Thesis showcase. Scobleizer switched a while back.) I’m excited about this because I think Genesis is a better theme, particularly for its advanced support of WordPress functionality like child themes. (Child themes are the only way you should build your site on top of a framework.)

Even though Thesis has done the bare minimum not to be sued for its license violation and the code it copy/pasted from WordPress, lots of folks including myself still have a bad taste in their mouths from the episode, since there was no apology or contrition shown (like a donation to the WordPress Foundation, which would be a drop in the bucket compared to the millions Thesis made while breaking the GPL). But I think it’s best to focus on the positive.

There is a linkbait from a Thesis affiliate going around asking if I favor certain commercial themes — absolutely yes! Is that a controversial question? Themes WordPress lists on its commercial page go above and beyond bare compliance with the GPL and are full members of the community, sometimes even becoming active in core development like WooThemes has done. As a business, I would feel a lot more comfortable building my online presence on a real enterprise like Woo, StudioPress, iThemes, and many more rather than a one-man-against-the-world operation, regardless of how good its marketing is, or how many affiliates it has.

For Automattic’s part, our theme team has been taking the opportunity to update our blogs stuck on Cutline and Pressrow, which were abandoned by Chris years ago and don’t support any of WordPress’s new features. The first iteration of this is Coraline which is aesthetically is similar to Cutline but under the hood is way better, with multiple layout and sidebar options, color schemes, custom background, per-post custom headers, gallery and asides support, and a few other bonuses. (Unfortunately, the switch had a bug that broke widgets for some sites, but that’s being fixed. We’ll avoid that when switching Pressrow.) A lot of this was kicked off before DIYThemes dodged litigation, but it’s important to continue because we’re building better themes for users who honestly shouldn’t worry about this stuff, they should just have theme that’s current, flexible, functional, and beautiful.

Micro-blogging vs Mega-blogging

I don’t think “mega-blogging” is actually a thing, I just made it up to make the title sound more dramatic. But if mega-blogging were a thing, you would do it with WordPress. Micro-blogging is a thing, and a lot of people do it with Twitter.

TechCrunch drops in this fray with an article comparing the comScore numbers of WordPress.com and Twitter.com, which show an accelerating growth for WP.com and flattening for Twitter. I’ll talk about the data itself later, but first wanted to point out a point many overlook when trying to create a battle between the mediums.

New forms of social media, including micro-blogging, are complementary to blogging.

One of the many uses of Twitter is to link to and promote your blog posts. (And other people’s blog posts.) As we grow, so do they, and vice versa. I blog when I have something longer to say, like this. I tweet when it’s the lowest friction way to talk to my friends, or get distribution for something longer I did somewhere else.

It’s not really a “versus,” it’s an “and.”

Whether the Twitter team intended it or not, they’ve built a killer and highly addictive reader platform with dozens of interesting UIs on top of it.

Features like WP.me, post by email, Twitter publicize, RSS Cloud, P2, email subscriptions, and more stuff in the cooker is trying to tie these things together more because people who do one are highly likely to do another.

As for the accuracy of underlying comScore data I would say they probably are precise but not accurate, meaning that whatever flaws they have in collection now, for example for WP.com they don’t count the custom domains or RSS readers and for Twitter they don’t count API usage or desktop clients, they’re at least self-consistent in how they do things over time. Some months they show us flat our internal stats showed growth, and vice versa. Ultimately it’s not worth anyone outside of comScore arguing how they collect their data, it’s better just to use it as one reference point alongside Quantcast (my fav), Alexa, Google Trends, Nielsen…

How tweets get imported into a blog is still an open question for me. I’ve seen lots of ways people have attempted it but when a blog becomes an activity stream it becomes a weak version of all the things it aggregates, less than the sum of its parts, because of the loss of context.