Last month, more than 2,000 attendees from around the world came together in Vienna at WordCamp Europe to share their affinity for WordPress. As I sat there, sweating profusely and sharing ideas and thoughts with attendees, it hit me that we still have a long way to go with security in the community. I spent the next couple of days thinking through it and decided to share my takeaways in an open forum. This article highlights five issues I believe to be plaguing the WordPress security community and provides some thoughts on how we can work together to overcome them. These thoughts come from my experiences working at Sucuri for the better part of six years, and actively engaging with the WordPress community around the world. They’re designed to generate discussion, introduce a new perspective, and hopefully, bring about good ideas and further engagement. General Observations If we look back over the past few months, WordPress has been spared from any major attacks. With that, the media has slowly steered away from the onslaught of attacks it had fixated on the platform. This in part is because the platform itself has made a number of changes, embracing a more security-by-default
Share This