June 10, 2019 — For a variety of reasons, we humans tend to be poor assessors of both the probability that something bad will happen, and the damage that is likely to result should such a thing occur. Academics have studied this phenomenon since about the 1960s under the rubric of risk assessment. What does this way of thinking have to teach us about WordPress security? Can we construct a risk matrix to help us choose which aspects of WordPress security are most in need of our limited time and attention?
In this session, I’ll draw on both on my own experience providing technical consulting in the areas of security and scaling to some of the world’s largest and most security-sensitive WordPress sites, and on the wisdom of community members who maintain smaller sites for businesses and individuals. In addition to providing a brief overview of the total security landscape as it applies to WordPress, we will attempt to use some of the tools of risk assessment to help us focus our attention in the right areas, including any we tend to naturally overlook.
This session, though touching on some technical topics, is suitable for anyone who administers, uses or develops WordPress sites.
March 8, 2018 — Many of us work primarily in this first realm: with themes and plugins, and may not have been closely tracking all of the details of the REST API’s rollout. Other of us (me included) have found the years-long rollout to be complicated to track and summarize.
Whatever your motivation, if you seek a gently-technical intro to the REST API in about a half-hour, this session is for you. We will cover three broad areas:
– what is the REST API, and how does it work?
– what are some possible use cases for the REST API?
– how do I extend/customize/control the REST API?
This broad, quick, overview should leave you prepared and equipped to further research and experimentation with WordPress’ fancy new feature.
May 12, 2016 — A major new feature in WordPress was first requested over six years ago in this core ticket has now launched as part of WordPress 4.4. This feature has a dramatic and interesting history. Its arrival has been presaged in changes over at least the last three core releases. Its development has followed an interesting and at-times controversial path involving many well-known core contributors. Its presence has major implications for anyone who develops or maintains themes and plugins in WordPress. The feature in question is Taxonomy Term Meta, and it’s a big big deal!
This session has several purposes:
to provide a brief and entertaining account of the development process and major design decisions involved in making term meta happen, including accounts from the people who developed the feature.
to provide a quick technical introduction to the feature itself and its API.
to discuss what the feature means for WordPress developers and users — in particular for anyone who maintains themes and plugins.
This un-boring session is most appropriate for developers, but also potentially interesting to anyone with responsibility for a WordPress theme or plugin. I’ll be drawing on my experience as a maintainer of several large plugins (including Co-Authors plus) my relationships with several of the core contributors most important to this change and my work at Automattic on WordPress.com VIP, where we’ve spent a significant amount of effort preparing our clients for this transition.