In His Own Words:
I have been a WordPress developer full-time for the past six years working with a few WordPress-oriented startups along the way including b5media and WP Engine. I moved to Austin in 2010 from Baltimore and when I’m not wrangling code for clients, I am probably sampling a fine Texas craft beer. I also have a neurosis that involves making 4-5 trips every fall to see the Baltimore Ravens play in cities around the country. I am most known for writing the WordPress Bible (aff) and my business and technology blog of 8 years.
When was the first time that you really got excited about WordPress and at what point did you decide to make it your career?
Back in 2004, I was hacking around with PHP but wasn’t really doing much more than continuing my (at that time) 4 years of learning. I wasn’t great but I knew what I was doing. Some of my peers, at the time, had started playing with blogs. I didn’t really know what those were outside of a conceptual standpoint.
Around that time, the great Movable Type Exodus of 2004 was happening. You might remember that, in those days, most serious blogs were on MT which was open source. Well, version 2 was open source (GPLv2). Version 3 had done away with that and SixApart had begun charging to use the new version. In fits of anger, bloggers big and small streamed off MT and headed in the direction of this new open source platform called WordPress.
When I started tinkering, I chose WordPress because I had heard the buzz and it was PHP and easier to install than MT. It didn’t take long for me to go from “blogger” to “tinkerer” to “hacker” as I was never content to just use software out of the box. Soon after that, I started installing nightly builds and not much after that, I began doing what I still, to this day, do… running “trunk”, the bleeding edge version of WordPress that I resync every night.
If I was that committed to using the core, I knew I was destined to make it a career choice. Ultimately, in 2006, I left Northrop Grumman and corporate life and went full-time with b5media as their Director of Technology, responsible for some 300 WordPress installs. I guess that’s a career move toward WordPress. ;)
Where do you go first to get your WP news, insights, and updates?
Honestly, I find out about most of the WordPress news via Twitter. I follow most of the dev community folks and we’re all in the same fraternity, as it were. So I see people talking about stuff then I go google around to find specifics. I’m terrible, I know, but I like to let other people curate for me.
What WP consultants deserve more love than they get? Who should we be paying attention to?
One of my favorite guys, personally and professionally, is Ryan Duff. This guy knows his stuff and gets and makes bids on serious work. Serious work. He doesn’t talk about it a lot. He’d rather tweet about the weather and make snarky comments to me. He is definitely known in the developer community, but he maintains a low profile among other groups.
What performance tips would you give to other pros (as related to speed, scalability, security, plugins, backup, etc.)?
Install what you need and nothing more. Plugins are certainly commodities and installing them are easy. But the more plugins you add, the greater impact on PHP performance. Some plugins are well-written. Others are not. That’s the nature of the game. And if a plugin is not well written, even if you’re not using it and you left it activated while testing something, you could be introducing security holes or performance problems without even knowing it.
The other thing is, for all that is good and lovely in the world – kittens and snowflakes and Ron Burgundy jokes – please stop using themes that use Timthumb. I know there’s a more secure version now and, from a security standpoint, it’s fine. But here’s how Timthumb works. Your server goes and reads an image into memory. It loads up PHP into memory. It does a bunch of things to the image and then serves the image out of memory. An image is static content. It should not need the overhead of PHP to render an image, and at scale… there’s going to be a scaling problem.
Protip: There is a dynamic resizing function that has been suggested for WordPress core that I use in place of Timthumb. It won’t make it into WordPress 3.4 but hopefully soon. In the meantime, I suggest using this vt_resize() function (which will likely have a different name if incorporated into core).
Confess to us your biggest moment of WP fail?
Not paying attention to pop culture enough. No really. It was a Thursday night in 2007. I was sitting on the couch with my wife at the time watching The Wire or some nonsense like that. I was the Director of Technology at b5media and, at that time, I had Sean Walberg moonlighting for us as my sysadmin, Brian Layman and Mark Jaquith as the lead developers and myself. We were the tech team.
As the “buck stops here” guy, I always had my BlackBerry on me (yes… I once owned a BlackBerry. I’m not proud) and it would alert me if there was an outage. My BlackBerry started blowing up, as did Seans. We both jumped on Skype (I was in Baltimore, he was in Winnipeg) and started trying to figure out what the hell was going on. It took us awhile, but we figured out that one of our entertainment sites, aptly named “Greys Anatomy News” (Way Back Machine!) was getting, if I recall, 10,000 requests per second.
Brian jumped on a few minutes later, and I’m pretty sure he was the one who identified the issue. Grey’s Anatomy had just aired, in the 9-10pm primetime slot, an episode where Meredith had apparently died and the show ended on a cliffhanger.
Fans were flooding Google with searches for “greys anatomy news” to find out what happened and conveniently, our Greys Anatomy News site was the top ranked site for that term. We managed to squash the server rebellion just to have it happen again three hours later when the show aired on the west coast.
TIP: Always know your pop culture. If I had paid any attention to it, I might know that it was the season finale and to look out for possible problems. Haha.
If you were going to spend this weekend creating a plugin that doesn’t exist, what would it be?
I’d like to tackle the problem of Github pushes and pulls between development and staging environments. It’s not a hard problem and some people have already made great attempts with success, but there’s a lot you can do with Github, in particular, that can make for a very robust experience if done right.
Do you use Themes & Child Themes, Roll your own, or both?
I tend to use the Genesis framework and child themes built off that. That being said, I don’t do a lot of theme development and work. I used to care much more than I do now. Now I try to find a pre-built child theme that looks good, make a few tweaks and move on to more important stuff…. like an ice cold IPA.
What’s your favorite theme or theme framework? Why?
Like I said, I cue on Genesis. It’s what I’ve been using for years and I know the ins and outs of the theme, the hooks, etc. I also am good friends with the folks at StudioPress and I like to support friends who make good product and maintain an excellent standing in the community we all live, breathe and make our living from.
Currently, Gravity Forms. It’s so robust, stuffed with hooks, handles form validation, extensible and allows me to not write tedious HTML for forms.
Least favorite plugin?
I hate, hate, hate, hate the s2Member plugin. It’s well-written and all, but it is so big and thorough that it’s hard to wrap my head around. I just completed a six-month development project that relied heavily on it and even after six months, I still have a hard time with it.
What’s the coolest thing you’ve ever done with Custom Post Types?
I built a plugin for a client about a year ago that organizes all the information around a conference into custom post types and made all the different data objects relate appropriately. Essentially, after activating the plugin, a conference organizer can go in and designates sessions, tracks, speakers, what roles a speaker has in a given session (perhaps a Keynote in one and a panelist in another), the days a conference runs, etc. All of this data then is handled by WordPress via postmeta and custom queries to render schedule grids, speaker lists, etc.
What do you think is the biggest challenge that WP consultants will face in 2012?
There’s still a perception in the marketplace that because WordPress is free and open-source, paid WordPress work shouldn’t be expensive. This is coming from prospective clients, and not the consultants themselves.
As more and more big names jump on the WordPress bandwagon, ticket prices on consultant work is still giving people sticker shock. It’s less so that way than a year ago, but as WordPress implements more and more CMS features instead of Bloggy features, organizations are looking harder at WordPress for solutions. Professionals get to charge lots of money because they’re professionals and the perception that “cheap web dev labor” is still the way to go, is a mentality that we have to continue to combat.
If you could change one thing today about WP, what would it be?
The WordPress import/export process is so broken it’s ridiculous. We now require PHP 5.2, so that opens up the opportunities for native JSON support. Instead of having this heavy XML format that makes PHP time out for big imports, we should have a lightweight JSON format that has more failover gut-checks. I started writing this and stopped. I may tackle it again for WordPress 3.5.
Where do you see WordPress going in the next 2-3 years?
This is a good question. I don’t know that I have an answer for it. The obvious trend is toward more CMS features and I think that trend is likely to continue. Since the switch to PHP 5.2, there has been a lot of focus on cleanup, refactoring of code to utilize more efficient methodologies that are now available, etc. That trend will continue too.
An artifact of “The Merge” in WordPress 3.0 is that a lot of Multisite code was merged in and made to work within the standard WordPress concept. But it all still needs a lot of work and refactoring. The goal was to complete The Merge and make it functional. Now we have to go back and redo a bunch of stuff in better ways.
Tell us a story where you saved the WP day for yourself or on a client project. What made the difference for you?
This is almost always a hacked site story. People always feel like they are shaken down – and in a way they most certainly are. They have a hacked site, they don’t know why, they need to hire someone to fix it, and the price is almost always astronomical.
Hey the same thing happens when your head gasket cracks on your car. Nobody likes parting with money but sometimes it just has to happen.
In almost every case, people who have their site hacked didn’t do what they needed to do to protect themselves. They were running an old version of WordPress. Their file permissions were lax.
As an example, a prominent blogger who uses WordPress went nuclear when his site was hacked. He was running an exploited version of WordPress and the security flaw that was exploited had been fixed since. But because he was running an old version, the exploit was still on his site and his site was hacked. Admittedly, I was pissed off when I wrote this article in 2009. It was my birthday weekend, Labor Day weekend and I had every intention of taking a well-earned long weekend off while I was writing the first edition of my book. But instead, I was fixing hacked sites (and charging a ton of money to do it).
What’s the biggest misconception you encounter about WordPress, and how do you clear it up for your clients?
Again, security. People love parroting the idea that WordPress is insecure because it gets targeted a lot by hackers and script kiddies. When you own over 14% of the internet market share, this kind of thing happens. The Dot Org security team is amazing though and there are currently no known exploits in core. But hey, there might be in a plugin or theme that is used. Another reason to use Genesis who pays an outside auditor to security audit their releases before sending them out to the public.
Look, folks. If you lock down your file permissions and take the necessary precautions to protect yourself, you’re going to be just fine. Nobody is breaking in to your site if you don’t leave the back door open.
If you were interviewing another WordPress developer for a job, what is the first question you would ask and why?
You have 15 minutes to write a class in a plugin that uses a WP_Http object and incorporates the media_sideload_image() function. Make it do whatever you want (I can think of some ways both things can be used for a single task).
By doing this, I want to see that the developer writes good, clean, object-oriented code, can use the WP_Http class, which I find to be one of the most important resources for plugin developers, and can figure out how to use the rarely used media_sideload_image(). The last one is not so much about the function itself, but I want to see that she has the chops to figure out a rarely-used mechanism in WordPress.
And she only has 15 minutes so I want to see that she can move quickly and efficiently through the problem.
What did I miss? Here’s your chance to fill in the blanks and add something you want people to know about you!
I’m a big believer in specialized consultants. I’m one of those. 9 out of 10 “I need a site built” inquiries I get, I decline and refer out to other consultants who specialize in that work. I tend to do big, complicated, plugin development work. If I have one piece of advice for consultants, is get really good in one area and capitalize on that.
But I don’t just have one piece of advice. The second piece of advice I’d give is work smarter, not harder. It flies in the face of the culture around small business and entrepreneurship, but working every day, all weekend and at night is a recipe for broken relationships, burnout and just not being very well-rounded. Make your rates high enough that 30% of your inquiries turn into business and that business allows you to live a comfortable lifestyle that gives you the freedom to take weekends off, take your significant other on a weekend getaway, go fly a kite with your kid and not worry about getting home to get back to work. It makes all the difference in the world.
I love that last piece of advice. You guys should go check out Aaron’s specialized and high-end plugin work at emmense.com. Don’t try and hire him for anything else though….that is, unless it involves a local craft beer.