Hacker News new | past | comments | ask | show | jobs | submit login

The only buggy or insecure code is really from third party plugins and themes. Wordpress core has been rock solid. Ya you still need to setup caching and there’s some modifications to run it at scale but that’s all a solved problem thanks to the likes of Automattic and their VIP platform.



how much of that ⅓ of the internet is running third party plugins and themes on their WP installation?


If they hired bespoke custom development from contractors at the price range these WP sites are developed for, do you think that would be better code?


How much of the rest of the web are using third party dependencies in their code?

We’ve built sites for a very large social media company where everything had to be audited before production including third party plugins. WP VIP has a list of plugins they’ve vetted and/or applied their own patches to secure.


> The only buggy or insecure code is really from third party plugins and themes. Wordpress core has been rock solid.

Rock solid? I don't really trust the codebase at all, and generally you need at least some plugins.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: