Why I am no longer supporting my WordPress plugins

WordPress needs to die.

Yes, you read that right. It's a fairly controversial thing to say, but I stand by the opinion.

WordPress is an incredibly useful blogging platform, and there is plenty of reason to believe that it has had a very positive effect on the growth and shape of the internet as a whole over the past few years.

The WordPress platform has put a lot of power into the hands of content authors. Thanks to WordPress, it has never been easier for people to get decent, professional-looking web sites onto the web... making it possible for non-technical people, without big budgets or highly-skilled developers, to start creating and sharing high quality content with the world.

It also created a huge ecosystem of commerce, which made it possible for designers to earn a reasonable living designing themes, for developers to earn a reasonable living creating useful plugins, and for content providers to earn a living writing valuable content.

All of these things are good.

But WordPress is not the best platform. As a matter of fact, WordPress is tied to PHP, which is arguably the worst web platform ever made. I won't get into everything that's wrong with PHP, but if you're interested you can start reading here. What I will say is that PHP is woefully insecure, so even the best-maintained installation of WordPress still inherits all of its problems. And unfortunately, WordPress is not a particularly well-designed or well-built piece of software.

The very same flexibility that makes WordPress such an easy platform for which to develop also means that any developer, at any skill level, and with any intention (good or evil) can publish code for WordPress. The number of potential security exploits for this platform are innumerable, and increase exponentially as you add custom themes, plugins, and other add-ons.

In an attempt to keep up with all of these exploits, WordPress updates have started coming more and more frequently, to the point where nearly every time you log into your wp-admin, you are met with more updates to install. The moment you don't, you become vulnerable to the thousands of WP hackers out there looking for an opportunity to exploit your web site. If you're lucky, they'll just exploit you to spam the rest of the world. But if you're less fortunate, your web server account could be used as a proxy for far more nefarious illegal activities. And all of this becomes your responsibility.

The constant updating treadmill also effects developers. People like myself, who have provided useful plugins for the WordPress world to use, are now expected to continue to update our plugins every time a new version of the software is released — a task which becomes unmanageable as the frequency of WP updates continues to increase. My plugins are free. I do not earn any money for the time and effort that I put into creating and maintaining them. Yet if you read the comments I get on the plugin pages, you might get a very different impression.

Several years ago, WordPress was the best platform available for a self-hosted web site. But today, there are endless options, endless platforms, and endless possibilities for anyone who wants to create their own web site. And moreover, with a very basic amount of programming knowledge, those options increase exponentially.

Rather than spend my time catering to the demanding, often rude, and occasionally abusive world of WordPress users, I have decided to create better, more useful software on smarter, more secure platforms. Instead of doing things that encourage the status quo, I want my time and energy and hard work to go into things that will improve the world, and hopefully make it better — and safer — for good content on the web.

I'm not going to end this post with links to all of the many blogging alternatives out there. If you managed to find this post, I am confident you have the skills to go to Google and find them.
comments powered by Disqus