In defense of WordPress
Mattias Geniar gives WordPress a pat on the back for how the project has handled recent security vulnerabilities.
At PHP conferences, WordPress often serves as a punching bag.
Nearly every talk that discusses code quality brings in WordPress and compares it to other frameworks. WordPress always ends up at the bottom.
Yet here it is, powering the internet. Patching millions of sites in less than 24 hours.
As much as I appreciate the other frameworks, WordPress is by far the best at handling security incidents. Magento? Don’t get me started. Drupal? Your average user has no idea how to apply patches. I’m certainDrupalgeddon did far more damage than the recent 3 WordPress vulnerabilities, combined.
Joomla? Typo3? Each and every one can learn from WordPress.
Mattias calls the automatic updates features in WordPress 3.7, “the single best thing to ever happen to WordPress.” It certainly gains ground as time goes on, and the inevitable security issues come up.