Hacker News new | past | comments | ask | show | jobs | submit login
WP20 and Audrey Scholars (ma.tt)
206 points by tambourine_man on May 29, 2023 | hide | past | favorite | 122 comments



All things Wordpress aside, I have always had a bit of admiration for Matt Mullenweg. From afar, he seems like a principled person that has worked hard at building community while keeping humility. I am extrapolating of course, as I've never met him in real life, but he is one of the few tech leaders I've actually looked up to over the years.


I met Matt several times in the 2005-2008 time frame. He impressed me as a low key guy committed to playing a long game by providing value to his customers, partners, and employees. He strikes me as principled and acting with integrity. Meeting him was one of the key reasons we adopted WordPress in 2006 as the platform for our websites.

Gutenberg can still be an error in judgement his part and as a key element of WordPress strategy.

I can have enormous respect for his business ethics and still think in one aspect of his business he has made a mistake.


I feel the same, and had it corroborated when I chatted with him briefly at a WP meetup some years ago. Just a very warm, practical, unpretentious person.


I've met him briefly at after a talk he gave and had the same impression.


I too have always been a fan of Matt.

One of the few in US tech that got bigger and bigger with projects and did not go into full censorship mode to court more money.

Very admirable indeed.


Matt is a cool guy. Generous and principled.


My sister in law uses word press for her small online art store. It's... painful. I've had to help her fix a completely broken site at least a couple of times. It mostly seems to come down to the fact that if you want anything beyond a simple blog, you have to have plugins. Tons and tons of plugins. Once you go down that road it's a huge mess of compatibility issues and poor to nonexistent support. It seems like you can get better help when you pay for things, but even then, in one case the devs were completely silent.

I couldn't find any alternative store fronts that weren't way beyond her near-zero budget but if anyone has recommendations please let me know.


>near-zero

You aren't going to get better than Wordpress for that price. Closest options are Shopify and Squarespace. Both of them definitely not 0, with Shopify's starter coming in at around ~5 with the next jump up being 50/m, and Squarespace commerce at around ~20. Worth the price of admission for how much easier they are to use. The plus to both of these are that it's much easier to start adding different features to incentivize purchases and return customers.

If the price is seriously a concern, it's advisable instead to help your sister in law move away from a dedicated platform and instead utilize Etsy, Instagram (Shopping/Shops), and Gumroad to their advantages, and the cost there is 0 (until you sell things then they take a slice of the sale). Several reasons for this beyond cost, your sister in law is likely already using platforms like Instagram for social reach, and most people are going to trust platforms like Etsy over individual sites if they aren't built well. So more easy sales. Once she's grown past a certain stage she can then fully hire someone to manage a custom solution, but until then do not let her underestimate how great Etsy, Gumroad, etc are!


Worth noting, Shopify also takes a cut of sales, plus payment provider cut, and tight margin businesses might struggle on Shopify.

I highly recommend it as a platform though, just make sure the business maths works.


I don't hate google sites but haven't done a store with it.


> you have to have plugins. Tons and tons of plugins. Once you go down that road it's a huge mess of compatibility issues and poor to nonexistent support.

And security vulnerabilities.

Core WordPress is fairly well hardened because it gets a ton of attention. Third-party plug-ins, not so much.


Actually, I blame WordPress even for most plugins’ security vulnerabilities, because its chosen architecture makes them much more exploitable than they should generally be.

There’s also the problem that WordPress builds upon and relies heavily on being able to modify its own code. Although this does allow you to reliably do things like unattended automatic updates, which would probably be net good (normally improving things, though occasionally harming), it also means that even the slightest security vulnerability tends to become immediate total server takeover. This is why I blame WordPress core architecture more than individual plugins: in most ecosystems, most security bugs apparent in plugins wouldn’t be so exploitable. This design decision is probably responsible for most WordPress site hijackings (… which are very common). Taking all things into consideration, I suspect that going read-only file system and not supporting installing/updating/removing any code via its web interface would probably be good for WordPress’s security, despite it meaning most sites would never be updated—but it would certainly harm its ease of use, and I can easily see why it’s basically a non-starter.

By contrast, choosing another PHP system as an example (since it’s one of the few popular languages that particularly supports this kind of self-modification), last time I dealt with Drupal (back in 5 and 6 days), it would actively complain if it could write to its own directory, urging you to make all but the directory it uploaded user files to read-only to the web server user account. Updates were then done out-of-band, using your user account on the machine which had write access to replace the files, rather than the web server’s account. (There were manual steps involving the web interface and local file operations, or tools like Drush to make it a single command.) Bad for ease-of-use, excellent for security.

I haven’t had much to do with WordPress, but I gather storing executable PHP code in the database is also fairly common, which is almost worse than having a writeable file system. My vague recollection of Drupal is that although it supported “PHP code” as a content type, you had to turn it on in the config file, where it warned you of the vulnerabilities this opened.

(My qualifications in this comment: I’ve helped recover several hijacked WordPress instances, mostly around 2015 and 2022; migrated one business off WordPress in 2022; done almost nothing else ever with WordPress; worked fairly extensively with Drupal 5 and 6 on a few sites quite a few years ago; worked a fair bit with Django over the years, and some in other web frameworky things in Node.js and Rust; haven’t done anything serious with PHP for years now, preferring Python, JavaScript and Rust. Certainly don’t trust me for any insights into WordPress. I could easily have made errors in this comment.)


> last time I dealt with Drupal (back in 5 and 6 days), it would actively complain if it could write to its own directory,

That's great, but if you remember drupalgeddon, the attack vector (sql injection) used the url routing system, which very conveniently would map a path to any php function + arguments. Ugh.

SQL Insert a call to php's eval + the code of your choice as the args and voila, SQL injection becomes rce instantly.

I can understand a CMS having read write access to the database, the main benefit is to update the content of course. But mapping paths to executable code, straight into the database is a highly dubious choice.


I completely agree that the problems associated with the plug-in ecosystem arise as a result of design choices in core WordPress.

It’s not just technical API design, though — it’s also business logic and community architecture. WordPress didn’t stay a blogging engine, but became an everything platform, with plugins needed to fulfill vastly expanded ambitions. The inadequacies of the extensibility design have much more severe consequences when stretched to encompass such sprawling scale and scope.


IME it helps to keep the number of plugins limited and judicious. Stick to very popular plugins or those with a sustainable business. Basically big enough it's certain to be forked if the original authors stop supporting it.


Exactly this. My website was hacked a while back, when I was installing random disreputable plugins.

Remade it but thought before I installed and suddenly the site is performant and secure.


Wouldn't Shopify be a pretty strong candidate for that kind of thing these days?


People just default to Shopify like it's some sort of miracle, everything about it beyond out of the box is PIA. Tons of add-on's (aka. plugins) that all cost to extend the basics like forms, seo, and fulfillment/shipping among the typical. The costs add up even for a basic store and theme dev requires some knowledge.

Wordpress gutenberg is like a bad experiment that has no end game. They have spent years developing something is incrementally improves at snails pace. Wordpress is just plain and simple super accessible from a strong ecosystem of plugins, php is simple and widely known, it's an easy platform to host. The problem is all the alternatives like jamstack generators, headless cms, and even better CMS tools like craft just don't have enough popularity to leverage away from WP. I could easily spin up a woocommerce site just as fast as Shopify, but in reality not a fan of either. From an agency perspective, most clients could give a rats ass about things technically, they just want something working.


Yes but it's just way too expensive for her sales volume.


WP store front plugins are mature at this point and really focused on people already netting at least a few thousand dollars a month. Most of the “just starting out” crowd (and a decent chunk of everyone above that) went with platforms specifically focused on selling (Shopify, Squarespace, Square, etc)


That’s the problem people have with WordPress, the tons of plugins they install.

Not much WordPress’s fault, aside from making writing and installing plugins easy and maybe not including a bazillion features few will use out of the box.

I think Gutenberg is still not ready, but when it matures, it may be a better alternative to the page builder plugins like Elementor, etc.

Comparing a hosted open source solution to Squarespace and the likes is non sequitur, IMO


I wonder how is Gutenberg not ready? We’ve been using it for 3+ years. It can be a little clunky but graphic designers and content creators like it for simple page/post layouts. It’s not always easy but it always seems logical.


> Comparing a hosted open source solution to Squarespace and the likes is non sequitur, IMO

how so?


You can change it however you want and be sure it will be running in decades to come. They’re not in the same category, to me.


I find it pretty funny that Gutenberg is now the fusion of the Wordpress ecosystem.


If only there was as much progress in latter in so little time.


I'd probably just write it myself; unless there are very peculiar requirements a "small online art store" is not that hard or time-consuming to implement, and seems less effort than dealing with off-the-shelf software.


Wordpress is a full-featured CMS. Most people would be better off with something like a static site generator


I disagree. Most people want a GUI or browser based tool that works as a CMS (even if a limited one). They just wouldn’t be able to handle the 99.9% of static site generators that work on the command line and need the user to learn specific templating languages, image linking, tags, etc.

People who drift to WordPress also want the cost to be lower and to be able to host almost anywhere (meaning, almost any web host should support it).

The cost and usability combination hasn’t been solved well by tools other than WordPress. If there are any, I’d like to know or re-examine them.


Have you seen Publii? It seems to be a solution somewhat similar to the one you described. It's quite limited compared to WordPress, which can be a good thing.


> It mostly seems to come down to the fact that if you want anything beyond a simple blog, you have to have plugins. Tons and tons of plugins. Once you go down that road it's a huge mess of compatibility issues and poor to nonexistent support.

Sounds like the libraries and open source software I work with everyday, to me.


try drupal


I've been making Drupal websites for 15 years, and especially lately now that its code is modernized wouldn't touch WordPress for any reason... but simple Drupal is not.

It can be very simple to administer if the site is built right, but someone has to get it there and that takes some budget.

Anyone in OP's situation I push towards Shopify/Squarespace.


Drupal has a steep learning curve. My personal website is on Drupal and now it is a nightmare even to upgrade it. I wouldn't recommend Drupal unless you have technical skills. It is not plug-and-play.


I once ran a Drupal site. Soooooo much more complicated than Wordpress. Definitely not recommended in this case.


Drupal has the exact same problem.


Well if the issue they have with Postgres is complexity and dealing with plugins, Drupal is not going to help. It’s way more complicated and IIRC it’s plug-ins all the way down.


WordPress is the best example imaginable of how a popular incumbent can prevent technological progress and create heightened risk for the whole internet. They should teach it in school as a cautionary tale. "Be careful what you create, it might end up a WordPress."


Alternative spin, WP is one of the most battle hardened CMS available.

Tongue in cheek, but genuinely as well, it is probably the most attacked CMS platform on the internet. That not every WP site is taken down by the automated attacks they all get means they must be doing something right.


When you include plugins and themes — which is a must because that is how WordPress gets used — the ecosystem as a whole is a security shitshow. Many popular plug-in vendors have abysmal security records. You don’t need to find a vuln in core WordPress to pwn installs.


If you haven’t actually tried to do something professional with Wordpress, you might think this description is over the top. But it actually undersells how bad it really is.


To all the haters in this thread: Pull requests welcome. Til then, stop spreading fud. WP security is fine.


No, you’re wrong! We’re going to implement our own custom CMS in Rust using WASM and deploy it to 5000 edge servers for our local brochure business website that needs a little bit of functionality and has a small budget with no technical experience.


I really don't understand how hackernews is full of "technologists" who cannot comprehend the cloud and who have no idea why tools like Wordpress are so powerful. I swear, if HN popular opinion was mainstream we'd all be pushing code to virtual machines using SSH and everyone would just accept that This Is The Way. It's amazing how wildly out of touch this community is with modern development practices and patterns. If it wasn't for the rare actual expert opinion on current topics this entire site would be no better than TikTok for technology. Scratch that. TikTok also occasionally has experts providing valuable insights on important topics.

Anyone would be lucky as fuck to have the success and influence of Wordpress and yet we have clueless folk who speak of it as a cautionary tale.


you must be going to some different hn site.

overall i find it balanced. certain topics will draw certain vocal crowd more and then it will look unbalanced.

on the other hand it's really funny to see "modern development practices and patterns" mentioned in a topic about WP.

are you sir one of them expert technologists from tok tik?

i agree that WP is a cautionary tale but one thing they got really well: never do a rewrite from scratch while being the top dog. it must have been hard to resist that siren song and now we'll have WP till the heat death of the universe.


In my opinion WordPress can be compared to Windows. Not just in terms of security, but everything.

WordPress is the Windows of content management systems.

They both are widely used, have an outdated architecture, are keeping compatibility above all, therefore don't innovate, are very extendable, can run almost anything, and are the go-to for many people.

It's up to you to decide, if these are good things or bad things.


This is what Craigslist did in the P2P space.

Except CL squandered the opportunity to rebalance the power dynamic between landlords and renters.

Then, its continued reluctance in many fronts fragmented local P2P into a dozen marketplaces, greatly impacting its own marketplaces’ liquidity.

At this point I think Wordpress is doing more to sort itself out than CL.


Can we celebrate this project which has empowered millions of people to power their businesses, share their ideas, get their engineering careers started, make a living, all in free software as a collaborative effort all around the globe?

Earlier days of web there were so many projects fighting for this crown. Starting from Movable Type to PHP Nuke, Xoops, Joomla, Drupal (and a billion others). Well done open source and free software community. Shoutout to all those people who worked on all those platforms to make this a possibility.


I've worked with WP in the past and while I'd rather choose something else from the tech perspective as someone who's dealt with clients of small (and large) businesses they just want something that works, and WordPress does.

It's not fancy and you will have to deal with a lot of horrible plugins that clients will want, or their marketing team, however from the product perspective it's an amazing technology - just like any that lasts 20 years in web dev IMO.

This isn't by any chance a defense of WP but before dunking on it think what else can you offer to a small business for the same price and functionalities.


WordPress changed my life. I created a plugin that is used by 50,000+ websites right from government organisations to Fortune 500 companies. In the process, the premium version of the plugin has generated $300,000 in revenue without spending a single dollar on advertising. Thank you for making WordPress, it’s an engineering feat.


What does the plugin do?



Going to guess tracking or fingerprinting or ads

Edit: Sorry, that was snarky


I still very much like WordPress. Actually a lot better than Webflow that not only has no plugins but less support and more limitations in the UI editor as well.

WordPress has served me well over the years, and even though I don't use it anymore, it has certainly been easy to setup and get going with templates, plugins and SEO.

I still see a lot of brands using WordPress for their official websites, which always surprises me, but it also assures me that WordPress still is relevant to this day.

Thank you, WordPress!


Wordpress just works as long as you keep it simple. It works great and doesn't deserve the shit it's getting from many. It's one of the remaining pieces of the old web, and it has evolved nicely with its time.


Not long ago I had a junior dev remake the corporate site by having him make a template with ACF flexible content - the previous iteration was done by him mainly using Divi, and the result was so much different.

He was recounting how much better the experience of building the site was, and how much more responsive the content management was, when divi was not part of it.

Then we threw in few plugins to cache and minimize and presto, a simple site up and running that non devs can go and add content, and does well in speedtests.


Sony, Disney, Rolling Stone Magazine, and the White House to name a few - https://wordpress.org/showcase/

Critics pop out of the woodwork whenever it's mentioned on HN, but most of them have very little meaningful experience with WP. The ecosystem around it is huge and mature and if you work with the right partners it's a remarkably hassle free way for a business to serve tens of millions of users. Most of the issues with plugins are resolved simply by being picky about which plugins you install, you are not required to use any, you can code everything yourself if you think that's safer (hint: often, it's not).


Despite all of the hate and trouble people seem to have with WordPress, I've had nothing but positive experiences with it for nearly its entire 20 year life. We're putting 5+ clients a month on WordPress (in addition to Webflow). Happy birthday!


Curious, how do you decide between WordPress and Webflow?


Case by case really. Occasionally the client has a preference, occasionally they don't.

Most large corporate clients are already familiar with WordPress and partnering them with a managed hosting solution like WP-Engine to handle security / support has worked really well.

Smaller, more agile companies that might want something a little more fun tend to do well with Webflow.

The larger the site the more likely I'd want it on WordPress over Webflow.


Like many other comments here, I have a hate/love relationship with WP. In the love side there is no good replacement, in the hate side I wonder how easily exploitable it could be. Using WPEngine now to experience a better service than hosting it in another non-specialized cloud service. Have seen performance enhancements happening naturally.

Happy birthday! If nobody replace you is because you are the best in town for most people and organizations.


If you look at what WordPress gives a non-technical user it is very impressive: nice authoring UI, instant deploy with rollbacks, multiuser editing with access control, pretty urls, previews, drafts, themes, et cetera.

I prefer my minimalist static site generator setup better and hope someday we could top Wordpress but realistically I wouldn't recommend betting against them. They've done a great job.


About 8 years ago I tried working with Wordpress and half built a site for my then boss's portfolio bc he insisted he wanted it.

I just quit my last job which was a RoR/React shop. I've been working with NodeJS and JS frameworks for the past 10 years. I never really got into PHP.

Now, I'm working in PHP again and specifically making Wordpress sites for a non profit agency as a contractor. It has been a joy. In particular, we're using root.io with Valet and heavily relies on root's version of Laravel blade system which makes building websites super fast and seamless and I've gotten a lot of satisfaction building things this way.


I really like the while roots ecosystem for ease of development. The problem comes in when I have to hand-off the site for someone to maintain.

At some point, every client decides they are better off switching to an extremely cheap agency for maintenance. But these bottom-of-the-barrel agencies don't seem to have any programmers on staff at all. They have no idea what to do with composer, git, or any cli.


Ah, that's a bummer. You can always hit me up (contact in profile)!


Happy birthday WordPress :)

It is both excellent, and terrible. Choosing to use WordPress you will experience both in equal measure, without knowing when exactly.

Enjoy.


WordPress/PHP does have a really interesting design that allows you to essentially hot swap components while the website is running live.

What I mean is that you can install WordPress plugins with WordPress itself, live. The PHP scripts which are essentially files in a folder, will go download more PHP files essentially augmenting itself without ever having to restart or redeploy the server.

It's an interesting capability that few other web frameworks have.


That's Because most of the post PHP web frameworks included url routing from the beginning instead of using the file system.

File extensions on websites used to be Very common until about 10-15 years ago


It's also a common source of security issues.


Being able to install plugins from the web interface exposes the site to more security issues. Those who can manage to follow some instructions would be better off logging in to the host via ssh and then using the wp-cli [1] command to manage the site (upgrading WordPress core, installing/uninstalling/upgrading plugins and themes, etc.).

[1]: https://wp-cli.org/


WordPress is what got me into web development.

Long live WordPress.


Fixed Link:

https://ma.tt/2023/05/with-mike-little-and-dries-buytaert/

or go direct to the video:

https://www.youtube.com/watch?v=QYhIItlPPOs

"WordPress co-founders Matt Mullenweg and Mike Little sat down with Dries Buytaert, founder of Drupal, to discuss the history of WordPress over the last 20 years."


There's usually a lot of controversy between the people that say it is great and the people that despise it. And I think both are right in their own ways.

WordPress is great as a Product. It clearly works and a lot of people make a living out of it. It powers a big chunk of the internet and that's admirable.

But engineering wise (or tech wise, or "good practices" wise or however you want to call it) it is the worst aberration ever built on this world. You can see all the possible bad practices in this industry in both the code and the coding practices most of its community follows. They're stuck in the year 2000 and have no intention to move forward.

It is the perfect example that technology doesn't matter if you have a good product.

As a developer that used a lot of other things in the past, I feel miserable every time I have to do anything on it. It's frustrating as nothing else I've done in my life.


This is actually really cool. It's not a terrible [cheap/free] headless CMS for content managers, imo.


Yeah, i hate and admire WordPress at the same, in my brief exposer I quite like its hooks/action/plugin system. In a weird way my current project[0] is inspired by wordpress. (its not a exact CMS thing but), what if someone build a wordpress like pluggable system but plugin donot run in same eval/execution context, maybe inside wasm containers.

[0]: https://github.com/temphia/temphia


Love Wordpress. We've made millions of dollars with it.


Don't know how to feel about celebrating this lol


I'm sure there's been so many (failed) attempts at disrupting WordPress. Wondering if anyone has compiled a list of post-mortems. Would also love to know about the successful attempts, though it would seem it's not outsized. Headless CMS' were picking up steam a few years back, but it seems the hype has plateaued?


> Headless CMS' were picking up steam a few years back, but it seems the hype has plateaued?

That's mostly because a headless CMS is a component for a piece of software you write.

Wordpress is a thing you poke at in a control panel, and that speaks to a way different audience.


Really interesting case for discussion here.

We're all making our own stuff according to our important tastes... And yet WordPress is out there massively more successful than just about anything.

How? Why? Is it just that they were early? What's the secret to their success?

To me, it's that it seems (even if it isn't) like it makes website building simple.


Coincidentally I went looking at how long I’ve had a web page and what I have used to maintain it. I started using Wordpress in 2005 and moved to Hugo about 2 years ago. Still have a couple of newer sites running Wordpress but it’s interesting to see I started using it when it had only been around for about 2 years :)


It's a shame they have gone off the rails so badly with Gutenberg.


Gutenberg is great! And if you don't like it you can still use the classic editor. And if you kinda like it, you can use Gutenberg (block editor) with classic editor blocks.


This is less and less true.


as somebody who only really started using wordpress post-gutenberg, i don't see the problem. it works, it seems easy enough to use, and my non-technical colleagues who are more used to making facebook posts than websites love it. and that was the whole reason i started using wordpress in the first place: so i wouldn't have to maintain content editors for my colleagues.

is the problem just that it's different to the way it used to be?


Basically, yes.

Gutenberg was designed for people like you who (were/are) new to WordPress and there was a rocky transition as well as a complete reworking of how to build WP themes (almost everyone’s bread and butter work).


Around 2 years ago I was trying to move my blog to Wordpress. I found that the vast majority of themes want your money (unlike static site generators like Jekyll, Zola, and probably Hugo), I found numerous editing and cursor movement bugs in the Gutenberg editor (https://github.com/WordPress/gutenberg/issues?q=is%3Aissue+s...), I was unable to edit pre code blocks on the mobile app, and converting articles between Gutenberg and classic formats resulted in structural issues (someone else has elaborated on the technical reasons at https://gschoppe.com/wordpress/comments-arent-structure/).


I migrated a business’s site from WordPress last year (a site that had been around since only 2018, I believe). I was surprised to discover how awful all this stuff was in WordPress’s export (… which was also very misleading and limited in scope). In order to not ruin large amounts of content, I had to dismantle that Gutenberg comment stuff (where present) with its strange mixture of structure and presentation, and also port the old-style wpautop function, which is obviously a total disaster of a concept that has arisen from bad technical decisions being made at several points in its history, combined with caring about backwards compatibility in mildly weird ways. The fact that it didn’t even identify what was Gutenbergy and what wasn’t, but basically just treated the whole thing as a string from which you parsed what you could and shrugged your shoulders about the rest was severely off-putting.


Despite my distaste for Gutenberg, I don't think WP would have continued growing without a built-in WYSIWYG solution.


It depends who you're targeting. If you want any non-developer to be able to edit the site, it's great. For developers, it's just plain terrible.


Reasonable men may differ.


The alternative to Gutenberg was allowing thousands of proprietary plugin developers to compete with each other to encode your data in a way that made it impossible to migrate to anything else. Gutenberg was mandatory.


Gutenberg encodes semantics in comments and inhibits migration and interoperability as much as any of the other proprietary plugins you are complaining about.


Gutenberg is first party. It's either WP or a 3rd party, I know who I would pick.


I think that is normally a good rule of thumb, especially when first party has a track record of accomplishment. It's one that I embrace. I am trying to stick with the original editor and find it increasingly hard as all of the design elements are now requiring Gutenberg. To be clear, I am not advocating for another page builder over Gutenberg, just not embracing Gutenberg because it embeds semantic elements in comments and if and when I need to migrate off of WordPress I don't want to be stuck. I have been using WordPress for 18 years, which is a long time for any technology platform. I don't have plans to migrate but I don't want to foreclose any options.


Even all these years later, I cannot wrap my head around WP's direction with Gutenberg. I think having a first party solution for WYSIWYG editing experience is important for WP going forward to keep folks (read: clients, bloggers, etc) interested in it, and I would much prefer to rely on core functionality than battling Elementor, Divi, Beaver Builder, and etc.

However, I have a list of a few items that just haven't sat right with me during the post-Gutenberg WordPress world.

1. The way that it saves the HTML output from React blocks directly to the DB is a cumbersome and unfriendly approach for all. Having a client ask for what would have been a simple tweak pre-Gutenberg and having to resave every page on the site so the deprecation pathway can "update" the block is not friendly to developers or editors. I know you can use PHP (aka "dynamic") blocks, but then you're duplicating the same exact UI between React and PHP and have to take on the technical debt to make sure to keep that in sync. We've moved to relying on ACF Blocks instead of React blocks for most things due to it having a better developer experience and a lot of our clients being used to how ACF works, but obviously this comes at the expense of the fancy inline editing that was the whole "wow!" factor of Gutenberg.

2. The documentation was lacking at launch, and it still feels that way sometimes. It was really aggravating to try to figure out what exactly you could change and remove in core blocks. I remember a coworker and I trying to reverse engineer their columns block since there were a lot of missing features we wanted and realizing that a very, very core block to the Gutenberg experience was utilizing functions marked as experimental without much documentation about what they were or why they were experimental (that we could find). I remember doing our usual upgrade on a new version year after we finally built our own version based off theirs, and the editor completely broke in one of the upgrades (can't remember if it was a major or minor release). Turns out those imports weren't experimental anymore (and no hard feelings on us having to update our imports. We knew we'd need to, it was just the length of time that passed that was "scary", because it doesn't feel great that the core backbone of your site is experimental, haha!).

3. Full site editing being rolled out has felt like Gutenberg's launch all over again. I think #2 is partially responsible for this, but I've watched coworkers have to fight with this a ton for very little benefit, and in some cases those folks end up just saying "hey, you know what instead of trying to rely on their new/weird templates, we'll just add header/footer.php back." This may be less of a problem of Gutenberg itself, but more just a continuation of the lack of decision making and planning that lead to Gutenberg's flaky launch to begin with. Like Gutenberg itself, it's a good idea, but launching it half-baked to just get it out the door makes me hesitate to want to incorporate it until years have passed. My experience has been somewhat limited with their FSE implementation since I've been doing a lot of NextJS work lately, but what little I've dabbled in it wasn't going to have me giving them glowing reviews.

4. It feels like they reinvented the wheel to "do" React SSR in PHP since they save React output directly to the DB. Sometimes I wonder if they wanted to actually have Gutenberg be a standalone project, move to Node, and do real server side rendered React, but were afraid of the very real pushback a move like that would cause and the loss of decades of plugins and backwards compatibility. I know we're toying around with the idea of headless WP + Next since it would hopefully get around the poor pathway for updating React components, but at that point we wonder is WP really what we want to go with or would another CMS be better for our needs.

All that said (didn't mean to rant so much!), I agree with what lenova said a few comments over that Matt has always appeared like a decent person from afar, and I've always respected that he's a web titan (in my eyes, at least), but doesn't come across with the same high and mighty attitude and harshness that a lot of other folks in a position of status like his do.


Fantastic summary of Gutenberg’s mistakes. They also completely missed the Headless CMS movement when they designed Gutenberg this way.

Having said all of that, we use Headless WordPress for many many client projects and have got it working really well for us. For us it’s much better than Sanity, Craft and Prismic. The WP-GQL plugin and ACF are really amazing.


Nice, that's good to hear! I've been using Contentful which has felt super familiar to editors and devs alike, but does have some pain points, such as the lack of ACF-like repeaters (IMO the relationship fields don't stack up as well for what we normally do for clients), the never-ending modal rabbit holes you go down to edit nested content (page -> section -> component -> image wrapper -> image, all because you can't force alt text on their default media uploads, and that was their suggested method of getting around it!).


It really is. Elementor has been the de-facto page builder for WordPress for quite some time now - and it is excellent. Gutenberg doesn't even allow you to specify a different style for mobile for a block.


It almost never renders on my iphone correctly. I can't make updates or changes on the road.


Happy Birthday WP! Been using it since 2007 at least, and it's still used daily in my job. Here's to 20 more years!


Amazed me how many multi million dollar news websites are on it. You think by now that would pay to recode out of PHP


Why would they? The people managing the content on the site don't care if it runs on PHP or on hamsters, they just care that it works, and PHP/WordPress most definitely do work.


Replacing working software because the language is ugly/obsolete/disliked is never, ever a good business decision


Mainly I was focussed on risk. I work on two WP sites, both of which lag head and both of which are major PITA to upgrade and maintain, and both of which are targetted continuously by whitehat (I hope) tasters looking for holes.

If you were looking to close out those problems, you'd move to a platform which was coded more safely and I very much doubt it would be PHP.

I don't know what it would be. Maybe something targeting node.js but with type safety in front of a compile phase? (to get similar platform independence that PHP brings)

Or, a static site re-publisher which took a PHP master and committed out the door faster to render, safe pageviews.


Now what are the real alternatives to wordpress in 2023? security issues area. nightmare.

not ghost - too clunky to use. what else?


> not ghost - too clunky to use. what else?

What happened to Ghost (haven't kept up to date)? I remember in the first few years it felt so promising, snappy and delightful.


It’s still there, still going strong but these days it’s primarily a publishing platform for blogs, magazines and digital newsletters. I’d say it’s more a competitor to Substack than Wordpress.


I guess it depends what you need to build. I used to use Wordpress for all my personal and client projects but I then moved to Kirby[0] and I couldn’t be happier.

But I think it highly depends on what kind of projects you work on.

[0] https://getkirby.com/


For a start (I went to have a look), I don't think most Wordpress installs can be replaced by something that costs $21,896 a site!

EDIT: I do wonder if the website is just broken? That seems like a crazy price to charge, while being such a specific number. That is definately what I'm being asked for however.


I have no idea where you got that price. Licenses are 99$ per site.

EDIT: they do automatically add VAT based on your location so maybe that’s completely broken for you? Only thing I can think of.


some coworkers from my previous employment built their whole careers on top of wordpress. and as far as i can tell, their work mostly around personalisation, seo, and some ux.


i don't really know why people are always getting on wordpress's case - i used it back when i did a bit of blogging, and it seemed to work ok for me.


As a blogging platform it's fantastic. If I wrote a blog, it would probably be my first port of call. The problem IME is when people use it to develop complex websites that have no place being built on WordPress. I've had numerous clients over the years asking us to investigate why their website has been hacked and people are receiving dubious links in emails or finding their website serving SEO blogspam, etc.

You rapidly find an insecure spaghetti mess, that's almost unmaintainable, especially when you find loads of random plugins installed and the previous developers cut corners and started hacking code into the core and the plugins, which of course then breaks stuff when you update any of it. Which you need to do. Often.


> As a blogging platform it's fantastic. If I wrote a blog, it would probably be my first port of call

Why over just using a static site generator?


some pros:

- lots of cheap wordpress hosting out there

- no need to "rebuild" whole site when you publish a new article

- friendlier to non-technical people

- upgrading version is just a click away

of course there are cons too (some are mentioned in the other comments), but for me, I can accept those trade offs


Yeah, it has a decent user experience. The problem is the underlying plugin ecosystem and crusty core. It uses outdated legacy PHP patterns (modern PHP is great, but WordPress doesn't use its power), plugins are often vulnerable, supply chain issues, etc.


Too many core features are relegated to plugins (eg: custom fields, custom post types, email signups, basic analytics, basic SEO features, caching, etc). These plugins introduce security holes, hijack your dashboard to beg you to upgrade to the paid tier, and don’t play well with each other (eg: a custom post type plugin won’t integrate with custom fields because it can’t know which custom fields plugin you’re using).

And the economics of the Wordpress ecosystem mean that there’s no incentive to fix this and bring more of these critical features into Wordpress core.

I also find the templating system unintuitive compared to something like Mustache that gets out of your way.

For these reasons I’m currently working on an open source batteries included CMS with a specific aim on improving the developer experience compared to Wordpress. It’s early days but always interested in other peoples thoughts on Wordpress’s strengths and weaknesses.

I should also say that despite all my criticisms, Wordpress is a monumental achievement, one of the great open source projects, and the world is so so much better for it. Imagine how much worse things would be it something more like Wix or FrontPage had become the default way to get a website online in the Web 2.0 era.


I'm not in the market for a CMS but if I were I'd likely go with https://statamic.com/ if I needed to build something from scratch.


The main factor could be that there is no other successful CMS + web server engine _at that scale_ out there. There's plenty of other options if you have the money or the skills, but both of theses are eternally in low supply.

Abusing a blog engine to make it run small EC sites becomes a cheap and half manageable route. Even for super simple things like a site with a presentation page and a contact form, a wordpress blog is faster to set up, cheaper and more manageable and ultimately more reputable than many solution out there (the "cheaper" part being of course the more critical aspect)


WordPress help me a lot in my early career.


My mind exploded when Mike Little's age was revealed. I was looking at him and thinking "hmm... he looks a little older than Matt". But I never imagined 23 YEARS??!! So, open source keeps you youthful!




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: