WordPress

This article is about the self-hosted blog software. For the free blogging service, see WordPress.com.

WordPress

WordPress's default configuration
Developer(s)	Matt Mullenweg, Ryan Boren, Donncha O Caoimh
Stable release	2.7.1 / February 10, 2009; 15 years ago (2009-02-10)
Repository	core.trac.wordpress.org/browser
Operating system	Cross-platform
Platform	PHP
Type	Blog publishing system
License	GNU General Public License version 2
Website	http://wordpress.org/

WordPress is an open source blog publishing application. WordPress is the official successor of b2\cafelog which was developed by Michel Valdrighi. The latest release of WordPress is version 2.7.1, released on 10 February 2009.

Features

WordPress has a templating system, which includes widgets that can be rearranged without editing PHP or HTML code, as well as themes that can be installed and switched between. The PHP and HTML code in themes can also be edited for more advanced customizations. WordPress also features integrated link management; a search engine-friendly, clean permalink structure; the ability to assign nested, multiple categories to articles; multiple author capability; and support for tagging of posts and articles. Automatic filters that provide for proper formatting and styling of text in articles (for example, converting regular quotes to smart quotes) are also included. WordPress also supports the Trackback and Pingback standards for displaying links to other sites that have themselves linked to a post or article. Finally, WordPress has a rich plugin architecture which allows users and developers to extend its functionality beyond the features that come as part of the base install.

History

b2\cafelog, more commonly known as simply b2 or cafelog, was the precursor to WordPress. b2\cafelog was estimated to have been employed on approximately 2,000 blogs as of May 2003. It was written in PHP for use with MySQL by Michel Valdrighi, who is now a contributing developer to WordPress. Although WordPress is the official successor, another project, b2evolution, is also in active development.

WordPress first appeared in 2003 as a joint effort between Matt Mullenweg and Mike Little to create a fork of b2.^[1] The name WordPress was suggested by Christine Selleck, a friend of Mullenweg.^[2]

In 2004 the licensing terms for the competing Movable Type package were changed by Six Apart, and many of its users migrated to WordPress – causing a marked and continuing growth in WordPress's popularity.^{[citation needed]}

In 2007 WordPress won a Packt Open Source CMS Award.^[3]

Releases

"Create New Post" page of the WordPress administration interface. Version 2.5

Most WordPress releases are code named after well-known jazz musicians starting after Version 1.0

WordPress .70 was released on 27 May, 2003 and contained the same file structure as its predecessor, b2\cafelog. Only 0.71-gold is available for download in the official WordPress Release Archive page.

WordPress 1.2 was code named Mingus (after Charles Mingus), and released on 22 May, 2004. It's notable for containing the support of Plugins. The same Plugin identification headers are still used unchanged in the latest WordPress releases.

WordPress 1.5 was released on 17 February, 2005 and code named Strayhorn. It added a range of new vital features. One such is being able to manage static pages. This allows content pages to be created and managed outside the normal blog chronology and has been the first step away from being simple blog management software to becoming a full content management system. Another is the new template/theme system, which allows users to easily activate and deactivate "skins" for their sites. WordPress was also equipped with a new default template (code named Kubrick^[4]) designed by Michael Heilemann.

WordPress 2.0 was released in 31 December, 2005 and code named Duke. This version added rich editing, better administration tools, image uploading, faster posting, an improved import system, and completely overhauled the back end. WordPress 2.0 also offered various improvements to plugin developers.^[5]

On 22 January, 2007, another major upgrade, WordPress 2.1, code named Ella, was released. In addition to correcting security issues, version 2.1 featured a redesigned interface and enhanced editing tools (including integrated spell check and auto save), improved content management options, and a variety of code and database optimizations.

WordPress 2.2, code named Getz, was released on 16 May 2007. Version 2.2 featured widget support for templates, updated Atom feed support, and speed optimizations.^[6] WordPress 2.2 was initially slated to have a revised taxonomy system for categories, as well as tags, but a proposed revision led to the feature being held back from release.^[7]

WordPress 2.3, code named Dexter, was released 24 September, 2007. Version 2.3 features native tagging support, new taxonomy system for categories, easy notification of updates as well as other interface improvements. 2.3 also fully supports Atom 1.0 along with the publishing protocol. WordPress 2.3 also includes some much needed security fixes.^[8]

WordPress 2.5, code named Brecker, was released 29 March, 2008. Developers skipped the release of version 2.4 so version 2.5 contained two releases worth of new code. WordPress 2.5 saw a complete overhaul of the administration interface and the WordPress website was also redesigned to match the new style.^[9]

WordPress 2.6, code named Tyner, was released 15 July, 2008. It contains a number of new features that make WordPress a more powerful CMS: you can now track changes to every post and page and easily post from wherever you are on the web, plus there are dozens of incremental improvements to the features introduced in version 2.5.^[10]

WordPress 2.7, code named Coltrane, was released December 11, 2008. It once again saw the administration interface completely redesigned. It also introduces an automated upgrade feature, and automatic installation of plugins from within the administration interface.^[11]

Vulnerabilities

BlogSecurity currently maintains a list of WordPress vulnerabilities,^[12] though this list currently tracks vulnerabilities only up to version 2.3. Secunia keeps a more recently updated list^[13].

In January 2007, many high-profile Search engine optimization (SEO) blogs, as well as many low-profile commercial blogs featuring AdSense, were targeted and attacked with a WordPress exploit.^[14]

A separate vulnerability on one of the project site's web servers allowed an attacker to introduce exploitable code in the form of a back door to some downloads of WordPress 2.1.1. The 2.1.2 release addressed this issue; an advisory released at the time advised all users to upgrade immediately.^[15]

In May 2007, a study revealed that 98% of WordPress blogs being run were exploitable because they were running outdated and unsupported versions of the software.^[16]

In a June 2007 interview, Stefen Esser, the founder of the PHP Security Response Team, spoke critically of WordPress's security track record, citing problems with the application's architecture that make it unnecessarily difficult to write code that is secure from SQL injection vulnerabilities, as well as some other problems.^[17]

Multi-blogging

WordPress supports one weblog per installation, although multiple concurrent copies may be run from different directories if configured to use separate database tables.

WordPress Multi-User (WordPress MU, a.k.a. WPMU) is a fork of WordPress created to allow simultaneous blogs to exist within one installation. WordPress MU makes it possible for anyone with a website to host their own blogging community, control, and moderate all the blogs from a single dashboard. WordPress MU adds eight new data tables for each blog.

Lyceum is another enterprise-edition of WordPress. Unlike WordPress MU, Lyceum stores all of its information in a set number of database tables. Notable communities that use Lyceum are TeachFor.Us^[18] (Teach For America teachers' blogs), BodyBlogs and the Hopkins Blogs.

In 2008 Andy Peatling joined Automattic to continue his work on BuddyPress - a plug-in extension of WPMU that is adding missing community features to WordPress^[19].

Developers

WordPress development is led by Ryan Boren and Matt Mullenweg. Mullenweg and Mike Little were co-founders of the project.

The contributing developers include:

• Dougal Campbell
• Mark Jaquith
• Donncha Ó Caoimh
• Andy Skelton
• Michel Valdrighi
• Peter Westwood

Though much developed by the community surrounding it, WordPress is closely associated with Automattic, where some of WordPress's main contributing developers are employees.^[20]

WordPress is also in part developed by its community, among which are the WP testers, a group of people who volunteer time and effort to testing each release. They have early access to nightly builds, Beta versions and Release Candidates. Upgrading to these versions, they can find and report errors to a special mailing list, or the project's Trac tool.

Sponsored themes

WordPress Template Hierarchy

On 10 July 2007, following a discussion on the WordPress ideas forum^[21] and a post by Mark Ghosh in his blog Weblog Tools Collection,^[22] Matt Mullenweg announced that the official WordPress theme directory at http://themes.wordpress.net would no longer host themes containing sponsored links.^[23] Although this move was criticized by designers and users of sponsored themes, it was applauded by some WordPress users who consider such themes to be spam.^[24] The official WordPress theme directory ceased to accept any new themes, including those without sponsored links, shortly after the announcement was made. ^[25] Ironically, the closure of the official site and its consequent lack of up-to-date themes drove many people into downloading themes from unofficial sites which inserted their own spam links into all themes downloaded from them. ^{[26] [27]}

On July 18, 2008, a new theme directory opened at http://wordpress.org/extend/themes/. It was styled along the same lines as the plug-ins directory.^[28] Any theme that is uploaded to it will be vetted, first by an automated program and then by a human.

On December 12, 2008, over 200 themes were removed from the WordPress theme directory as they did not comply with GPL License requirements.^[29][30]

iPhone and iPod Touch app

On 11 July 2008, with the launch of iTunes App Store by Apple, WordPress has also released its native app for iPhone and iPod Touch^[31] The WordPress app has some of the features that the WordPress Admin panel has. This app works with WordPress.com and many WordPress.org blogs.^{[citation needed]}

Criticisms

Criticism of WordPress has often centered on security; many security issues^{[32] [33]} have been uncovered in the software, particularly in 2007 and 2008. According to Secunia, WordPress currently (as of April 2009^[update]) has 7 unpatched security advisories (out of 32 total), with a maximum rating of "Less Critical"^[34].

See also

• Comparison of content management systems
• WordPress.com
• Browse Happy

References

1. "WordPress › About". wordpress.org. Retrieved 2007-03-04. WordPress started in 2003 (…)
2. "Big Pink Cookie". Retrieved 2009-03-10.
3. http://www.packtpub.com/open-source-cms-award-previous-winners
4. Kubrick at Binary Bonsai
5. WordPress › Blog » WordPress 2
6. WordPress › Blog » WordPress 2.2
7. [wp-hackers] 2.2 release
8. WordPress › Blog » WordPress 2.3
9. WordPress › Blog » WordPress 2.5
10. WordPress › Blog » WordPress 2.6
11. WordPress › Blog » WordPress 2.7 “Coltrane”
12. BlogSecurity » Blog Archive » WordPress BlogWatch
13. Secunia WordPress 2.x Vulnerability Report
14. WordPress Exploit Nails Big Name Seo Bloggers | Threadwatch.org
15. "WordPress 2.1.1 dangerous, Upgrade to 2.1.2". WordPress.org. 2 March 2007. Retrieved 2007-03-04. {{cite web}}: Check date values in: |date= (help)
16. Blog Security | Survey Finds Most WordPress Blogs Vulnerable
17. BlogSecurity » Blog Archive » Interview with Stefan Esser
18. TeachFor.Us » TeachFor.Us News » Thanks are in order
19. http://ma.tt/2008/03/backing-buddypress/ Backing BuddyPress by Matt Mullenweg March 4th, 2008
20. About « Automattic
21. "Idea: Remove Sponsored Themes from WordPress.org". WordPress Ideas. Retrieved 2007-08-20.
22. Mark Ghosh (2007-07-10). "No Sponsored themes on WeblogToolsCollection". Retrieved 2007-07-18.
23. Matt Mullenweg (2007-07-10). "WLTC High Ground". Retrieved 2007-07-18.
24. Lorelle van Fossen (2007-07-11). "It's Official. Sponsored WordPress Themes Are Out". Lorelle on WordPress. Retrieved 2007-07-25.
25. Matt Mullenweg (2007-07-15). "Version 3.0". Retrieved 2008-05-18.
26. Mark Ghosh (2007-08-04). "WARNING: TemplatesBrowser dot com". Weblog Tools Collection. Retrieved 2008-05-18.
27. Mark Ghosh (2007-11-09). "Blogstheme.com WARNING". Weblog Tools Collection. Retrieved 2008-05-18.
28. Joseph Scott (2008-07-18). "Theme Directory". WordPress Blog. Retrieved 2007-08-20.
29. http://www.blogherald.com/2008/12/12/200-themes-removed-from-wordpressorg-matt-explains-why
30. http://www.problognews.com/2008/12/wordpress-targets-premium-themes-for-deletion
31. "Idea: WordPress App For iPhone and iPod Touch". WordPress iPhone & iPod Touch. Retrieved 2008-07-12.
32. "Wincent Colaiuta". 2007-06-21. {{cite web}}: Check date values in: |date= (help)
33. "David Kierznowski". 2007-06-28. {{cite web}}: Check date values in: |date= (help)
34. "Secunia Advisories for WordPress 2.x". 2009-04-07. {{cite web}}: Check date values in: |date= (help)

Further reading

• Douglass, Robert T. (2005). Building Online Communities With Drupal, phpBB, and WordPress. New York: Apress. ISBN 1-59059-562-9. {{cite book}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)
• Hayder, Hasin (2006). WordPress Complete. United Kingdom: Packt Publishing. ISBN 1-90481-189-2.
• Langer, Maria (2006). WordPress 2 (Visual QuickStart Guide). USA: Peachpit Press. ISBN 978-0321450197. {{cite book}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)

External links

• WordPress official site, including documentation
• WordPress MU official site, including documentation