Website security has become a hot bed over the past few years. More and more companies are joining the game in hopes of capitalizing on what they perceive to be huge opportunities. The one vector that seems to be all rave is Access Control.
Hosts are concerned with the security of their infrastructure, not with your website. This is a distinction that most website owners fail to make, and it’s made more evident to me every day.
Perhaps the thing that annoys me the most when I hear security being shared with end-users is when they get the information wrong or overemphasis on things they don’t understand or can’t support. This is the problem in the way we communicate, especially in the WordPress community.
I recently attended WordCamp San Francisco (WCSF) where Matt Mullenwegg, founder of the WordPress project and CEO of Automattic, gave his annual State of the Word. WordCamps are informal, community-organized events that are put together by WordPress users like you. Everyone from casual users to core developers participate, share ideas, and get to know each other.
The past few weeks WordPress Security has come to the forefront of the discussion again, as it often does every few months. As is often the case, it’s highly emotional and generates a lot of discussion. Chris Lema shared a post, Our discussions around WordPress security should change, and that sparked some interesting conversations.