WordPress Security: Critical Vulnerabilities In 10 Popular Plugins (2020 Case Study)

WordPress is often portrayed as an insecure platform that should be avoided for enterprise-grade projects. Having spent the past decade deploying WordPress for SMEs, I’ve busted this myth numerous times – including our guide for important security considerations disclosing our experience working with banks and other financial institutions. As the ubiquitous platform now powers over 40% of the Internet, it is expected to be a common target for attacks from hackers. Any industry leader in tech gathers more attention and “script kiddies” when popularity exceeds a certain point.

The Main Security Risk With WordPress

The WordPress Core platform (the free software available…

New: Group Mentorship for WordPress Developers and Agencies

Over the past few years I've been receiving a steady flow of incoming inquiries for mentorship, coaching, consulting and general assistance coming from WordPress freelancers, consultants, developers, agency owners and tech leads in WordPress agencies.

[Image: A technical presentation on WordPress Code Architecture at WordCamp Netherlands]

Currently, I work with a small group of people who reach out once or twice a month and ask for strategic decisions, sales strategy, technical advice on building a reliable infrastructure, marketing help, getting involved with the WordPress community and so forth. Some of my peers are actively growing and I'm super…

Fighting the Scope Creep

Scope creep is the process of adding more and more features to a fixed-cost project at the end of the development process or during delivery. Long story short, the client expects more features, better UI, or additional services within the agreed quote, which is not expected and hasn’t been planned by the web development agency. We have written a long Scope creep post for the DevriX tutorials section defining the problem, how to identify it, and the possible resolutions (at least for new projects). The CHAOS report identifies the majority of the projects as projects that failed or led to…