Automattic’s Series D

Asides

Today Automattic announced it has closed a new $300 million Series D, with Salesforce Ventures taking the entire round. This puts us at a post-round valuation of $3 billion, three times what it was after our last fundraising round in 2014. It’s a tremendous vote of confidence for Automattic and for the open web.

I met Marc Benioff earlier this year, and it became obvious to both of us that Salesforce and Automattic shared a lot of principles and philosophies. Marc is a mindful leader and his sensibilities and sense of purpose feel well aligned with our own mission to make the web a better place. He also helped open my eyes to the incredible traction WordPress and WP VIP has seen in the enterprise market, and how much potential there still is there. I’ve also loved re-connecting with Bret Taylor who is now Salesforce’s President and Chief Product Officer. Bret’s experience across Google Maps, Friendfeed, Facebook, Quip, and now transforming Salesforce makes him one of the singular product thinkers out there and our discussion of Automattic’s portfolio of services have been very helpful already.

For Automattic, the funding will allow us to accelerate our roadmap (perhaps by double) and scale up our existing products—including WordPress.com, WordPress VIP, WooCommerce, Jetpack, and (in a few days when it closes) Tumblr. It will also allow us to increase investing our time and energy into the future of the open source WordPress and Gutenberg.

The Salesforce funding is also a vote of confidence for the future of work. Automattic has grown to more than 950 employees working from 71 countries, with no central office for several years now. Distributed work is going to reshape how we spread opportunity more equitably around the world. There continue to be new heights shown of what can be achieved in a distributed fashion, with Gitlab announcing a round at $2.75B earlier this week.

Next year Automattic celebrates 15 years as a company! The timing is fortuitous as we’ve all just returned from Automattic’s annual Grand Meetup, where more than 800 of us got together in person to share our experiences, explore new ideas, and have some fun. I am giddy to work alongside these wonderful people for another 15 years and beyond.

If you’re curious my previous posts on our fundraising, here’s our 2006 Series A, 2008 Series B, 2013 secondary, and 2014 Series C. As before, happy to answer questions in the comments here. I also did an exclusive interview with Romain Dillet on (WP-powered) Techcrunch.

Matt 3.0

Essays

As in WordPress, the X.0 release is just the one that came after (X-1).9 before it, so while it seems more significant, it’s just another iteration in the steady march of progress, a job never done. I’ve now managed to stay alive for three decades, thirty rotations around the sun, and I woke up this morning a little hungover (there’s a lot of tequila in Mexico) but with a huge grin on my face.

In many ways life accumulates complexity as you get older, but the things that are most important are simple and universal: friends and loved ones, health, and working on something you enjoy and has an impact. I’m happier and finding balance more often than at any period I can remember since I was a young child.

This was another year in motion, traveling 345,211 miles to 78 cities in 13 countries. I’m still really enjoying being on the road, and it’s very intrinsic to how Automattic works, so I expect that to continue or even pick up pace.

Every generation feels this way, but it also genuinely seems like we’re at shift in how society works, with technology accelerating change, and navigating and more importantly creating that change is one of the most interesting challenges I can imagine working on.

Finally I’m humbled and amazed by the support for the charity: water campaign, which already is going to bring close to 2,000 people clean water.

Tomorrow I’ll wake up a little sunburnt, but hopefully with that same grin and ready to take on the years of my life that start with 3 and hopefully end with a bigger impact than my 20s had. It was a decade when I failed a lot, tried even more, and most importantly learned how to say yes and how to say no, something that gets easier as you learn about yourself.

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41.

So I’m 20

Birthday

This is it. Last year my birthday was loud and surprising, this year it was chill. Both have their attraction.

WordPress Birthday logo

Awww thanks. 🙂 Mad props to Craig for the WordPress header (currently in rotation).

While I’m here I’d also like to wish a happy birthday to Dave, who had a birthday a few days ago and didn’t tell anyone. 😉

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41.

Kindle Statistics

Ideas,

Dear Kindle Team, one of my favorite features of Google Reader has always been its “Trends” or more simply its statistics that give you insight into your reading patterns and volume.

As the Kindle has become a bigger and bigger part of my life, much of my reading time has shifted from RSS-based sources to content on my Kindle, but I’m really curious how much time, how many words, at what times of day, etc I’m consuming all this new content. I think providing stats would also encourage people to read more, and highlight to them how the Kindle has changed their habits.

A Bank Website on WordPress

WordPress

There’s a thread on Quora asking “I am powering a bank’s website using WordPress. What security measures should I take?” The answers have mostly been ignorant junk along the lines of “Oh NOES WP is INSECURE! let me take my money out of that bank”, so I wrote one myself, which I’ve copied below.

I agree there’s probably not a ton of benefit to having the online banking / billpay / etc portion of a bank’s website on WordPress, however there is no reason you couldn’t run the front-end and marketing side of the site on WordPress, and in fact you’d be leveraging WordPress’ strength as a content management platform that is flexible, customizable, and easy to update and maintain.

In terms of security, there are a two simple points:

  1. Make sure you’re on the latest version of core and all the plugins you run, and update as soon as new version become available.
  2. Use strong passwords for all user accounts. For extra credit you could enable a 2-factor plugin, use Jetpack’s WordPress.com login system, or restrict logged-in users to a certain IP range (like behind a VPN).

If your host doesn’t handle it, make sure you stay up-to-date for everything in your stack as well from the OS on up. Most modern WP hosts handle this (and updates) for you, and of course you could always run your site on WordPress.com VIP alongside some of the top sites in the world. If you use any non-core third party code, no harm in having a security firm audit the source as well (an advantage of using open source).

For an example of a beautiful, responsive banking website built on WordPress, check out Gateway Bank of Mesa AZ. WordPress is also trusted to run sites for some of the largest and most security-conscious organizations in the world, including Facebook, SAP, Glenn Greenwald’s The Intercept, eBay, McAfee, Sophos, GNOME, Mozilla, MIT, Reuters, CNN, Google Ventures, NASA, and literally hundreds more.

As the most widely used CMS in the world, many people use and deploy the open source version of WordPress in a sub-optimal and insecure way, but the same could be said of Linux, Apache, MySQL, Node, Rails, Java, or any widely-used software. It is possible and actually not that hard to run WordPress in a way that is secure enough for a bank, government site, media site, or anything.

If you wanted any help on this feel free to reach out to Automattic as well, we have a decade of experience now dealing with high-risk, high-scale deployments, and also addressing the sort of uninformed FUD you see in this thread.

If you’ve developed a major bank site in WordPress leave a link in the comments.

Response to DHH

Automattic, WordPress

I’ve taken this post down. I’ve been attacked so much the past few days; the most vicious, personal, hateful words poisoned my brain, and the original version of this post was mean. I am so sorry. I shouldn’t let this stuff get to me, but it clearly did, and I took it out on DHH, who, while I disagree with him on several points, isn’t the actual villain in this story: it’s WP Engine and Silver Lake.

A few bullets to his core points:

  • The headline “Automattic is doing open source dirty” is not fair.
  • Automattic did not work on a deal with WP Engine for 18+ months because of the GPL, or them using “WP” in their name, it was because of their abuse of the WordPress and WooCommerce trademarks. Trademarks must be protected, as evidenced by Rails trademark policy.
  • Our C&D is about public trademark abuse; theirs is about censorship, and doxxes private messages. They have since filed a kitchen sink lawsuit that embroils all of WordPress.org.
  • Updating ACF to Secure Custom Fields in our directory was to provide users of our plugin directory the best, safest, most secure code. It included a security update that still has not been merged by the ACF team.
  • We will merge any improvements ACF makes to their GPL code going forward and will also include enhanced functionality in the coming days to provide a secure and free drop-in replacement for ACF. If WP Engine didn’t want this to happen, they should not have published their code under the GPL or distributed it through WordPress.org’s directory.
  • I think it’s fantastic when businesses are built on open source, the WordPress ecosystem is at least 10B+ a year; Automattic and WP Engine are less than 5% of that.

iPad 3 Launch Experience

Meta

I’m in New Orleans for a few days and, long story short, although I pre-ordered the New iPad it’s arriving to an address I won’t be at for a while, so since I was up early this morning thought I’d go to the nearest Apple store in Metairie and see if I could pick one up, or at least be part of the excitement that always accompanies Apple launch mornings.

The store had opened at 8, but I arrived at about 8:55, and the scene was not at all what I expected. There was a crowd outside the Apple store, but it was of blue-shirt employees, I walked up and said I was there for a 64GB white AT&T iPad, the fellow handed me a card, and 5 minutes later I was checked out. No line, no waits, no anything! Here’s a picture of the front of the store, at 9:20am.

Line at Apple Store

The woman who checked me out said there had been a bit of a line that morning at 8, but just about 20-30 people and she thought that most people didn’t know they were opening at 8 that morning instead of the normal 10.

I walked back outside and grabbed a water bottle from the big pallet they had of them (for the expected line) and a Verizon employee accosted me to show ask if I had gotten AT&T or Verizon. When I replied “AT&T” he said “oh man!” and showed me the speed tests he was getting on his iPad 2 tethered via wifi to a Droid device he had, an impressive 20mbps down. “Think how fast it’d be going direct to an iPad.” (I agree, but I already have a Verizon Nexus device, a T-Mobile Blackberry, a Sprint iPhone, so I wanted to complete the quartet with another carrier and ensure I could have coverage anywhere.) I decided to celebrate with some beignets across the food court from Cafe Du Monde:

Celebratory Breakfast

So why the lack of a line? Perhaps it was mix up about store opening time, as they suggested. Maybe New Orleans is a Samsung town. Perhaps Apple just did a better job with the pre-orders arriving on launch day, so people didn’t feel the need to go to the store. Maybe people weren’t as excited as I was about the new launch. All in all, it doesn’t matter to me. The screen is gorgeous, it’s restoring now from iCloud backup, and I’m pleased as punch to have one on launch day and I’ll probably spend far too much time today staring at the amazingly high resolution. If you were waiting because you thought the stores might be crazy today, maybe head to them half an hour after open time and skip the queues.

Intensely Automattic Change.gov

Automattic,

Everyone is honored and excited today that Change.gov, the website of President Elect Barack Obama, has turned on IntenseDebate comments to discuss things like health care.

Micah Sifry has an excellent write up of the topic.

Imagine what happens if those numbers–on not just any “centralized site” but the one that symbolically and perhaps literally has the attention of the President-elect–start climbing into the five- and six-digits. Before our eyes, we are witnessing the beginning of a rebooting of the American political system. [emphasis added]

[…]

By using IntenseDebate (and the OpenID framework), the Obama transition is actually enabling a lot of interesting community development to start happening beneath the surface of a threaded discussion. Users get their own “commenter profile” on IntenseDebate, along with reputation points, and they can carry those profiles onto other sites that use the same system. Users can also choose to follow other IntenseDebate users, so if someone is really diligent they could start to gather a group or a crowd around them.

It has even started to make the cable news, as evidenced in this clip.

Pretty exciting! And it’s also a reaffirmation of Automattic’s platform-agnostic approach to Akismet, Gravatar, PollDaddy, and IntenseDebate that although Change.gov uses Expression Engine for their CMS they’ve chosen IntenseDebate for their comments.

Thirty-Two

Essays

My thirty-second birthday has arrived after a whirlwind year, probably my most challenging and rewarding. It went faster than any year I can remember, absolutely flew by. Luckily it was capped at the holidays with a precious few weeks of downtime in Houston. Now I’m back to work in Cape Town and just finished a lovely day of great food, wine, and conversation with colleagues who are here for a meetup starting tomorrow.

Since I started tracking, 2015 was the first year that I traveled fewer miles than the year before, clocking in at 398k, down 27k. (398,553 miles, 111 cities, 20 countries.) In 2016 I’m going to try and get that even lower. It was also one of my best years for blogging on this site, with the most posts (252) I’ve made since 2008, and the most words (24,605) since 2005. (If anyone is curious, I wrote about 60k words over the same time period in Automattic’s internal P2s.) In a weird omission, though, it’s the first year since this site started in 2002 that I didn’t post a single gallery of photos. I’ve developed a mental block around processing and posting the fancier pictures, even as I carry hundreds of gigabytes of them around the planet several times over. Hopefully this is something I can get past in 2016.

I ran 163 miles in 2015, more than I did the year before, and I think that trend will continue. Last year I talked about habits and small actions, and a daily todo list with some small items to nourish the mind, soul, and body has become central to my routine. I dyed my hair (grey) just for fun and also to show the rest of Automattic they could too, how you look doesn’t matter one iota. My restaurant quest has continued, and I’ve now been to 38% of the current top 50 list.

More so than before, I really don’t know what’s around the corner. While there is a lot in motion, there is even more still being defined and started. There’s freedom in the groove, to reference Joshua Redman’s great album, and I’m getting a lot more comfortable with ambiguity and the faster pace of life in general. More than ever, I consider myself incredibly lucky, so it’s exciting to make the most of the opportunity that the volatility, love, loss, glory, failure, inspirations, and setbacks that 2016 will bring.

All birthday posts: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41.