Hacker News new | comments | show | ask | jobs | submit login
Google dedicates engineering team to accelerate development of WordPress (searchengineland.com)
188 points by ibdf 10 months ago | hide | past | web | favorite | 131 comments



So after taking over one blogging platform and mothballing it (Blogger), then wiping out a host of 200X startups with Google Reader and _then_ killing Google Reader, which effectively killed RSS... after all that Google has woken up to the fact that the last source of independent content, that's not big-media-owned or stuck in a walled garden like FaceBook is Wordpress?

And back in 2007ish I remember bloggers crying out to Google for help with some tools /APIs to help combat comment spam and Google basically ignoring it, leading to the eventual death of blog comments and blog based discussion.

Looking at all that, it's great to finally see Google trying to support bloggers - the people that have delivered some of the most interesting content in their index.

Or am I too jaded?


I still hate Google for killing Reader. I imagine its death was only a minor inconvenience in the US, but it was a sad day for internet freedom in Iran.

At the time, Iran had for a couple of years implemented an internet censorship platform, blocking access to much of the internet. Nearly all international news agencies (CNN, BBC, NPR, etc.) were inaccessible; so were most of "web 2.0".

Despite the widespread censorship, there was a large active community of independent blogs, non-sanctioned news sites, and small e-publications. The reason this structure could thrive was that even though these websites and weblogs were blocked, they were accessible through Google Reader.

Because of the way Google services were implemented, the government could not block Reader without also blocking GMail and Google Search, which was not an option. As long as authors had a way (like a not-yet-blocked VPN or a friend outside the country they could email to) to post articles, people could read them, like them, comment on them, etc. Iran's censorship was to significant degree neutralized by this setup. The community was large, strong, and thriving. They even had their own jargon: the community was referred to as blogestan [1]; Google Reader was called Gooder, etc.

And then, Google, for some (now obviously incorrect, but ultimately irrelevant to my point) financial calculation, decided to kill Reader. Just like that, overnight, the breadth of the web accessible to an average Iranian decreased by orders of magnitude. The entire community of freethinking authors and their followers disappeared. The only news websites remaining accessible were those sanctioned by the government, pushing the official narrative.

Google put a large nail in the coffin of internet freedom in Iran. For that, I will never forgive them.

[1] with the -stan suffix, https://en.wikipedia.org/wiki/-stan


Having lived in a country with similar (and fluctuating) internet restrictions, it's always interesting to see how small design decisions like that can have such significant ramifications on so many people.

I remember one SaaS product we wanted to use at our company had one major js file that had the word "proxy" in the title. The product had nothing to do with circumvention or anything but the national internet filters picked up that word and blocked it completely. Thus, we couldn't use that service at all.

Although I hate that I can't block YouTube on our metered connections with a URL whitelist as Google logins require calls to accounts.youtube.com.


> Because of the way Google services were implemented, the government could not block Reader without also blocking GMail and Google Search, which was not an option.

It's interesting that they didn't block gmail and Google search. The Chinese government did that a couple of years ago, which surprisingly didn't cause widespread criticism except among the highly educated group.


China and Russia can write their own google. Smaller nations can't.


How is it Google's responsibility to help you defy your country's onerous laws?


Google declared many times that they do care about freedom of information, do not endorse censorship, etc.

If their policies were a bit more cohesive, maybe the people who killed Reader would have remembered these declarations, and maybe decided differently.


With grave matters—the things that REALLY count—if you're able to make a difference, then it's your responsibility.


The only reason I can think of this collaboration is so Google can take advantage of WordPress ecosystem so can force AMP down to our throats by simply ignoring the open letter many people addressed to a while ago.

http://ampletter.org/


It sounds like this is the bit here. Big websites have revenue needs to switch to AMP, since Google prioritizes them in search. WordPress blogs are most of the content that doesn't need to. But if Google can push AMP down the default install path for a WordPress blog, they manage to swallow the largest segment of content they aren't currently drawing in through other means.


Agreed. Google seem to be very siloed internally. That manifests itself in confusing narratives like pushing PWAs (web) and Instant Apps (Java) simultaneously, or supporting both Chrome OS and Android.

So instead of asking how this is good for Google as a company, you have to look at whether it's good for a single project within Google. PWAs and AMP seem like the most likely candidates.


My initial thought was that blogs tend to be funded by ads. So more blog = more ads.


What I want to know is why more blogs aren’t don’t resort to mining crypto using their users browser. It can be light weight and less intrusive than an add and you still get paid while embracing the future.


Definitely not. My first thought seeing this was that Google wants to move in on Wordpress to embrace, extend and extinguish.

Makes two jaded HN readers so far :)


Imagine if Google started pushing AMP harder into Wordpress after acquiring them...


They are not acquiring the company that maintains the open source CMS known as WordPress, which is also estimated to power 24% of websites on the Internet.

They are developing free, probably open source, plugins and themes for WordPress. Also they stated that they will help develop the supported AMP plugin.

That's great. Google will make it much better. It needs help right now.

I just don't understand why people are snubbing and thumbing their noses at Google for contributing their world-class resources to making free, open source software better.

Sure, their interests align with getting a foothold in this ecosystem, but I don't think their play is to poison WordPress.

Not that your wrong for being suspicious of their motives in general. They have broken some pretty cool stuff.


I have reservations since I spent about 4 years doing backend PHP development, and IIRC when I thought of applying at Google I found that they actively block PHP for in-house projects. WP internals being PHP... I think you get the idea. Who's to say after they have established a foothold they won't push to run WP on the v8 engine and write out PHP, a language they're actively hostile to?

I've never done any WP development, but my understanding is that WP core/internals are essentially OK, but plugins have gaping security holes. I think internals are messy because WP shares the PHP philosophy of avoiding major breaking changes but their front end tooling is probably less mature (because Jesus webpack, 4 major versions in as many years, wtf)

Anyway, I hope we have reason to be optimistic here, but it looks like the beginning of something awful


With respect, your comment is not particularly well-informed concerning either PHP or WordPress. WP is not written in PHP in any modern sense of that term. They got suckered into maintaining backwards compatibility with an API written before PHP had support for classes. The codebase is entirely procedural, and cannot be modernized. WP internals are frozen in time in 2001, and WP development does not resemble modern PHP development, which has reasonably good tooling.

So, the good thing is that Google will not push WP to run on an alternate language, because the entire value of the project is its API compatibility. That's also the bad thing.


> WP internals being PHP... I think you get the idea. Who's to say after they have established a foothold they won't push to run WP on the v8 engine and write out PHP, a language they're actively hostile to?

The thing is that there would be no point in doing so (which, admittedly, hasn't stopped Google before).

Right now Google needs WordPress. Without WordPress, where is Google going to place ad spots? Facebook? And WordPress has PHP as a massive underestimated advantage - every Tom, Dick and Harry can spend 5 minutes to install WordPress on a $5 a month shared-hosting plan, something no Ruby/Rust/Go/Java/C++/Node/Erlang/Fashionable-Language-Of-The-Week can do.


Because contributing world-class resources to projects outside their ecosystem was sometimes the first step of how they and other companies acquired, ran into the ground, then shuttered otherwise successful businesses. This comment is not an attack against in you in any way, shape, or form, but an honest reply to your question.


It's ok. I appreciate your position and your reply, as well as your desire to defend good things.

I think it's important to note here that WordPress is a project, not a business or a company. I don't think Google is trying to break a community supported product that powers 24% of the web. Sure, build better doors and windows to their products. I don't see that as a bad thing. I happen to like Google, as do a large number of Internet publishers. Many of us will appreciate these efforts.


Can you give concrete examples of Google doing this? (acquiring a company just to shut it down, not using its technology)


Bufferbox is close: https://en.wikipedia.org/wiki/BufferBox . However, I did not say "acquiring a company just to shut it down, not using its technology" I said "ran into the ground".


#MeThree

Google now has WordPress as the next internet thing to embrace and than kill off.

Miced feeling here. I hate WordPress but don't like Google doing it...


Whatever animosity we as developers may feel towards WordPress, it's a huge (perhaps the single largest) tech boon to small and medium-sized businesses.

People launch online stores on it for the price of their domain name, hosting and some sweat. That is freaking cool; more projects should aspire to have that kind of impact


WordPress has a lot of hate, but what is the alternative for a non-programmer who wants to set up a site? There are tons of hosted/per month services, but not as much that’s just software based so you can host it yourself. Especially OSS.


I hate Wordpress and I'm deeply suspicious of Google motives, but I think this is a good thing.

WP is very popular, but it is terrible from an engineering standpoint. My company decided to move to WP and every time we engage a WP developer or consulting company, and I give them my engineer requirements, most of them pass. I'm talking about things like command-line deployment, publish to test servers with git, things like that. So far, only one firm has not balked at this, and they seem to be very expensive. I don't think Google will put up with this type of thing.

And, don't forget, WP is OSS. Blogger wasn't, so that's why the comparison to it are not apples to apples.


> . I'm talking about things like command-line deployment, publish to test servers with git, things like that.

If you're wanting to do that, why not just use Drupal, which has drush and drupal console. Also, drupal.org uses git for all those third party modules and themes.


> My company decided to move to WP and every time we engage a WP developer or consulting company, and I give them my engineer requirements, most of them pass. I'm talking about things like command-line deployment, publish to test servers with git, things like that.

How common is this with programmers in general though? If you frequent hackernews, you get the impression everyone does these things but this isn't going to be an accurate representation.


That's not a problem with Wordpress' engineering, infact it's a compliment. Many consulting companies work ONLY on wordpress because it is low technical. Seriously, all you need is an FTP client and any old web host and you're in business.

You do not need command-line deployment and test servers with wordpress, that's the whole point.


Yeah, because people clicking in UIs over and over to do a rote task never make mistakes.


You're clearly misunderstanding the context where this product is the clear winner then.


I wonder if anyone has numbers on RSS usage? There are way more RSS services, and better readers, now than when Google's mediocre product was dominant.


Feedly is my home page, I check Feedly, HN, and Reddit for my news daily


I use slack as my RSS notifer


Isn't Wordpress a different beast compared to Blogger in terms of it's history and the breakdown of the types of users?

Does Google or any Megacorp act monolithically over the span of a decade?

I have a conspiracy theory:

These are myths writers from Wired and PC World want us to believe in so that they attract eyeballs.

And now you sir, have recirculated these myths!


This is certainly no conspiracy. More like inconsistent and ill-considered strategy over many years. I'm sure Google genuinely wants to help Wordpress here without making a power play; it would be very much in their interests to do so - thriving independent content platforms keep the web alive and diverse which in turn reinforces the value of search.

It's just a shame that unintended consequences things like Google Reader over the years have done much to harm blogging. It could have been so much better...


It's more about Google helping Wordpress the CMS that powers 27% of the web than Google helping bloggers, IMO.


Genuine question, in your opinion why did Google killing Reader effectively kill RSS? Why did people not move to alternative products? I was never a Google Reader user myself so I never needed to move.


Not OP, but Google Reader subverted Google’s model of hosting things and getting good analytics / selling ads. It also went against Google+‘S whole idea of following feeds.

In general, Google doesn’t want to encourage stuff that lives off their cloud. RSS is the best protocol for Facebook/G+ type stuff where you want feeds and updates, but it’s harder for central control.

Google has done this with other products over the past decades. I remember when Blogger used to generate flat html that would publish to self-hosted web sites. And Google desktop that would index your local machine. Lots of stuff that fit into “organize the world’s information” mission and empowered users was discarded or deemphasized in favor of things that put Google between users and their data.


I've worked with WordPress for over 9 years and set up probably over 100 sites, but can't wait for it to die.

It's easy to setup and the ecosystem is great, but the security issues are massive and there's really no reason for content to be stored in a database for the majority of sites.

I hope a static site generator comes along with an intuitive UI for non-technical people to easily update their own content.


There are dozens of static generators, and frankly I don't think they're a great alternative. Put a cache in front of WP And you're done. Then when you want to do a redesign, you don't have to futz with dozens of static pages.

What's that? You've stored your content separately so that you can just regenerate the pages when changing site designs? It's a system for letting you manage your content separately from the rest of the mechanics or the site? The content files are stored on a journaled file system like EXT4 or NTFS? That's fantastic. It's just like a DB backed CMS that stores flat files for cache.

I'm not saying static page generators aren't useful, but I am saying that the difference between that and a cached wordpress install is virtually nil.


Caching your WordPress instance does absolutely nothing in helping with security.

I refuse to set up a new WordPress instance for any client unless they are also paying me a monthly retainer to keep it updated and secure.


If you're lucky enough to install well-written (or self-written) plugins which withstand major version updates, you can set `WP_AUTO_UPDATE_CORE` to `true` in your wp-config and it will auto-update to any latest version. There's an added risk of plugins not working, but you'll stay up to date.


WP auto update is sort of nice in that you stay updated (but who the heck knows what will happen if you have one MySQL server and multiple www servers), except it means that your webroot is writable by PHP, which is not a great thing, because someone who finds an arbitrary file write issue before it's patched (or before auto update triggers) will be able to add their own files to your webroot -- weather that's defacement, malware installers, warez drops, bitcoin mining, shells for later; it's all pretty nasty.


WP auto update is nice...until a WP update breaks the functionality! Lol. https://www.wordfence.com/blog/2018/02/broken-auto-update/


There are risks with all security protocols and you called out valid ones with auto update.

Do you have ideas for superior methods? A bit upthread someone mentioned clients paying him a monthly security retainer to monitor and update. This might be good, but pretty expensive so would price out lots of users.


Static generators are clearly superior from a security point of view -- the webserver doesn't have to execute any code. But, assuming wordpress exists; it would be best if the code ran in the a user context that could not write anything to the filesystem; and the code was installed with another user, which could do auto-upgrade via a crontab. An exploit could certainly leave persistent data in the database, but not on the filesystem at least. It would also be great if the database had separate credentials for the user facing site (mostly read only) and the admin facing site.

On the other hand, I don't know how possible that would be to setup for inexperienced site admins on commodity hosting.


We created Strattic to allow anyone to use WordPress (and eventually other CMSs) as static site generators. It's the best of both worlds. We're in private beta but you can check it out here: https://www.strattic.com.


I agree on the security superiority. I use Wordpress because my wife can maintain and update it almost entirely herself.

I’m searching for a plug-in that generates static based on the edits in Wordpress, but haven’t found any that work cleanly.

I think that Wordpress is good for its users who will never use build processes for deployment unless automated well.


> I refuse to set up a new WordPress instance for any client unless they are also paying me a monthly retainer to keep it updated and secure.

Similar, or insist a hosted solution is used.


My argument was with "why does content have to be in a DB?" CMSs exist for a reason. We moved away from static HTML for a reason. Hell, SSI has been around forever to help fix the problem of static HTML. In the end, he's talking about a CMS that generates cached output, and doesn't "run" on every page load, as opposed to an always-on CMS.


Anyone mixing content and styles/structure is doing it wrong. Making it right is literallt the sole reason static site generators exist.

I'll take HTML5/CSS and a filesystem and a few custom markup and commands any day before touching a single line of the unholy mess that is dealing with WordPress.

And not even mentioning simple hosting, secure by definition, etc...


As long as you don't need the WP admin, theme builder, or any of the functionality the various plugins provide. Static site generators are not really competition for WP. Are there sites which don't need to be on WP? Sure, but there are plenty that do make use of the administration, themes and plugins.


>I hope a static site generator comes along with an intuitive UI for non-technical people to easily update their own content.

Those people are already served well by things like Wix and Squarespace. WordPress is essentially a point and click application development tool at this point, with integrations for anything imaginable. Yes it is insanely insecure, slow, poorly designed, and bloated. But the depth of offerings from the plugin marketplace will keep WP relevant for a long time to come with people who can't afford custom development.


Wix seems to generate the slowest loading sites on the internet. Especially loading images long after page load is done. WordPress is positively supersonic by comparison.


Does Wix optimize its images between upload and delivery?

I'd be inclined to believe that this is a side effect of Wix's target market not being aware of how to optimally compress their images for web delivery.


I don’t think that’s the user’s responsibility if its designed for non technical people.


What is insecure about WordPress?

If you minimize your reliance on plugins, enable automatic updates, and harden your installation, it's pretty secure. At least I haven't had issues.

Anything can be insecure if it's misconfigured, not just WordPress.


WordPress has a history of almost embarrassing security vulnerabilities. To be fair, most PHP applications of that era have similar track records.

The newer versions have been _much_ better.


> What is insecure about WordPress?

> If you minimize your reliance on plugins, enable automatic updates, and harden your installation, it's pretty secure. At least I haven't had issues.

My guess is that it was long too easy to not do any of those things, so it gained a reputation for being insecure. They might have mitigated a lot of the problems, but bad reputations die hard.


You don’t even need all that if you just use a wordpress over at wordpress.com

That’s what I suggest all my friends who want to create a blog to do.


Static site generators, at least how they exist today, are unfortunately massively impractical for the vast majority of Wordpress users. Heck, I am a pretty technical user and even I regret moving my blog to a static generator.


Thank goodness I have found two static page generators in the wp plugin repo that actually work - I have now converted about 20 wordpress sites into static html pages and pulled the php files all down.

I could do more, but some of these sites depend on contact forms - which I know can be made outside wp - but it's extra work I can't jump into at the moment.

This has cut down the hacking on more than 20 sites - and I am doing some more as I run into them.

Tons to love with wordpress, but lots of reasons to turn it static and avoid the non-stop brute forcing of it.


Yep. I don’t understand this trend. I would never use a static blog myself unless they would offer an online administration. And it would be weird to have such a thing for something that claims to be static.


I haven't looked into this for over a decade, but that's exactly how Movable Type used to work. The blog is generated as static files by the admin interface, which is web based but can be completely isolated from the publicly facing site.


isn't that re-inventing the wheel though?


What wheel? Movable Type existed before WordPress.


There are countless CMS for static sites / blogs these days:

- https://www.datocms.com/

- https://www.netlifycms.org/

- https://www.siteleaf.com/


imo this is re-inventing the wheel, the same with a caching system in front of a database is way easier and cleaner to implement


> I hope a static site generator comes along with an intuitive UI for non-technical people to easily update their own content.

This. (Although it seems a lot of people aren't in agreement) I think there used to be an app called Cactus for Mac that had a GUI and let you generate your own site. This sort of solution could work for people 1) not technical enough to run command line site generators, but 2) technical enough to buy some hosting space to drag their static site onto. If I were a hosting company, maybe I'd explore making an intuitive site generator available for free, in the hopes it could sell some light hosting plans.

For what it's worth, my preferred site generator is Poole (https://github.com/obensonne/poole). I'm not sure why it's not better known.


> I hope a static site generator comes along with an intuitive UI for non-technical people to easily update their own content.

Does this not exist? Would love to offer that to some of my non-technical team members.


https://headlesscms.org/

My current pick of the crop: https://www.netlifycms.org/

I have no affiliation with Netlify, just my perceived benefits of Netlify CMS:

* Open source

* Static site generator agnostic

* Host the editor UI yourself

* No vendor lock-in

* Git based

P.S. These are all part of the https://jamstack.org/ movement.


Dreamweaver ... We are slowly coming full circle here :)


There are a number of them. Jekyll and Hyde are two of them. Wordpress is a security disaster, IMHO.


I can't speak for Hyde, but Jekyll requires you to edit text files which makes it unaccessible for non-technical people.


There's Netlify + GatsbyJS - takes git know-how to setup, but once you're there it's a Rich Text Editor on a webpage controlling your content


Add contentful and you have a admin dashboard and hundreds of integrations.

I set this up last week and it’s amazing. It costs $0 for my small project.

I’ve aleo rolled out it out to event websites. And they love it too.

No database is a big win for bloggers, who should focus on content and not security.


$249 lowest pricing package after you stretch out pass the free limitations.


I won’t be hitting a million hits on the api for 99.9% of my projects.


Having used both Jekyll and WordPress the learning curve wasn't even close to WordPress for getting started with your first blog entry. WordPress is an hour project, Jekyll is a weekend project.


Jekyll is a weekend project if you want to set it up from scratch. If you have 100 or so wordpress posts you want to migrate, it's a pretty long and tedious and joyless project.


> Wordpress is a security disaster, IMHO.

What specifically about Wordpress makes it a security disaster? Do you mean the plugins or actual Wordpress?


I'm not OP, but I've worked with Wordpress quite a bit in my day. To answer your question, it's a bit of column A and a bit of column B.

Over the last few years, Wordpress core had gotten quite a bit better (to the point that I have gone back to Wordpress for my personal site). But previously, the core was victim to some embarrassing security issues. In Wordpress' defence, I can't think of a single PHP application as old or as large as Wordpress that did not suffer from similar problems.

Plugins are often an unmitigated security clusterfuck. I've seen things in popular Wordpress extensions that have made me want to trade in my laptop for an abacus and go full luddite. (I've also seen some really wonderful code.) The big problem I see is that a plugin has to be extremely popular before anyone with much of a background in writing relatively secure code will ever read the code. And by that time, it's so popular that it keeps getting hundreds of installs no matter what kind of flaw you find. Some plugin developers/maintainers are incredibly diligent and helpful, but I've also been threatened with legal action (more than once) when I've disclosed some really amateur security issues.


Yes, thank you. I do get all that.

But, due to how the GP seemed to conflate Wordpress, and "everything else" I wondered what was the basis for his comment. I'm pretty clear on the security of WP itself.

> Some plugin developers/maintainers are incredibly diligent and helpful, but I've also been threatened with legal action (more than once) when I've disclosed some really amateur security issues.

Most WP plugins are terrible from a security perspective, and I've found the quickest method to resolution is to send a patch to the devs, solving the problem for them and me.


Not great if you are looking for a DIY solution, however in the SAAS space I run the Engineering team at a company that is doing essentially this, https://www.pagecloud.com . Blog (If thats what you are looking for) and some other goodies on the rapid site construction side, coming very soon.


Contentful, Hugo, or Prismic could fit this bill. There are a lot of options in the Headless CMS space.


Hugo is great but it's definitely not for the non-technical.


What’s funny is that Blogger used to have a static site generator and a decent authoring front-end. I don’t remember when they killed this feature, but it was around 2009.

They also supported some dynamic elements like comments and admin.


Wow, the Google Developer's Advocate blog post (https://medinathoughts.com/2018/01/29/wordpress-google/) sounds like Google is very serious about Wordpress.

Hopefully it leads to great stuff. Historically, there's been near zero interest in php/wordpress amongst the engineering ranks. Everyone wants to learn the Next Big Language/Library/Framework, which is understandable.

Many current/former Googlers have been interested in helping out with a project I'm involved in (GXJam.com), but the conversation ends quickly when I tell them it's WP/php/MySQL.


It'd be interested to know what percentage of WordPress sites are 'content-only' static sites. i.e. users are not logging and/or getting personalized content.

WordPress seems overkill for that niche, and this may be an opportunity to build and sell tools that allow easy publishing for static sites, given the July 2018 update.


Lots of those solutions already exist, and I looked into them.

Getting a full WordPress site up and running meant signing up for hosting, clicking a "enable WordPress button", agreeing to the (selected by default) auto-update WordPress check-box, and then going into the WYSIWYG editor.

A few hours later I had a site up and running that looks equally good on Desktop and Mobile.

The # of tools I had to learn was approx 0. The number of hosting options I had to choose from was enormous, pretty much everyone offers WordPress hosting, or one click WordPress installs. WordPress has the advantage of having an incredibly low barrier to entry.

Of course, once it gets complex, it can get really complex.


fair enough.

however, that's exactly my point. a publishing tool that allows you to publish, without learning any tools, like wordpress except faster, since google is going to start penalizing slow sites July 2018.


I saw a few of those around, the price varies a lot. The ones targeted at making a landing pages with a signup form wanted a good deal of money per month (I don't recall exact numbers, well over $30 a month, I think one of them wanted $200 up front to get started). They typically include hosting as well, which sorta makes sense as soon as you add the least bit of interactive elements (e.g. form submissions), they want to make it super simple to get up and running.


Wordpress has comments and statistics, so there is no blog that is strictly static.


Without going and counting, I'd guess well over 90% of the WordPress sites I've helped set up have had comments switched off - they're purely using WordPress as a CMS, not as a "blog".


there are still options to handle comments (disqus, facebook comments etc.) that don't need a database on your server.

there's solutions for pretty much every dynamic aspect of a blog. If wordpress is slow, and google is going to penalize your search ranking, it's worth looking into.


And by using said other options, you give control of your users to a walled garden service. Do we really want more of the internet centralised around Facebook and its ilk?


Maybe then Talkyard (https://www.talkyard.io/blog-comments) is interesting to you:

It's hosted & serverless, like Facebook and Disqus.

But at the same time, it's open source, so you will be able to export your comments from Talkyard's servers, install Talkyard yourself and import the comments.

(But I haven't yet built export and import functionality :- P )


WordPress by itself is pretty fast, but some 3rd party plugins really add up to load times by making lots of queries to database and loading unoptimized or unnecessary assets. In mean time most online WP tutorials "solve" issues by suggesting to install yet another plugin.


Really 99% of the arguments I hear about WordPress are because of the community of "developers". Don't get me wrong, there are tons of great developers in the community that are actively working on great features for WordPress either in the form of core or plugins. What I'm specifically referring to are content maintainers that know some CSS, use themes like Avada, and know their go-to plugins to make bloated and convoluted, hard-to-maintain sites.

Really I think where WordPress actually lacks is in the API department. The almost non-sensical approach to partially implemented OOP kills any ambition I have to create a site without my own weird abstraction layer I wrote on top of it all.


Wordpress has built-in REST API, beginning from their 4.7 release. http://v2.wp-api.org/


I'm talking about their PHP API


What gave you the impression that WP was object-oriented?


I guess you're right, it's really not. Some things are broken out into objects (WP_Post, WP_Term, etc) but I'm pretty sure that's only to utilize the PHP object cache


WP was itself released a little after PHP acquired classes; before that PHP was purely procedural. However, WP was a fork of an older project, and they kept things procedural in order to maintain backwards compatibility with the previous project. One cannot fault them for that decision in that context. However, apparently we are stuck with the consequences for the foreseeable future. On that basis, I wish that Google were not investing any further time and effort into what I sincerely hope can be described as the last popular procedural codebase in existence.


How long until WordPress themes are all AMP-enabled as a part of WP core and the option is enabled by default?


It's already the case.


That is not true, you need a plugin to enable AMP.


I wonder if this is intended to be competition with managed Wordpress providers such as WP Engine? the article doesn't distinguish between Wordpress.org (domain.wordpress.org) and Wordpress.com (self hosted) platforms. Perhaps both, with such a large partnership. But in the developer's linked blog post he seems to be referring to the self-hosted platform by mentioning themes and plugins. Very interested to see how this progresses.


Yeah, it reads like self-hosted is their focus. Make sense too.

If Google offered a WP hosting solution (a la WP Engine) on the Google Cloud, I'd be very very interested. I don't think Google will do it anytime soon though.


WP Engine is a GCP partner: https://wpengine.com/try/google-cloud-platform/

And GCP has a page dedicated to Wordpress: https://cloud.google.com/wordpress/

(I work for GCP)


Yes, I've seen GCP documentation on WP get better and better each year. Still very different from a managed-hosting offering like WP Engine.

Can you put me on GCP/WP waitlist if such an offering is in the works? ;)


Thanks for the info!


Maybe this bug I filed two years ago about how WordPress loads every version of a post into memory when you go to edit it (and does that three times) will finally get fixed? "High memory usage ( and possible server error) editing post with many/large revisions" https://core.trac.wordpress.org/ticket/34560 "Right now, you will unhappily see "500 server error" and "white screen of death" results eventually if you, say, edit a 400K page for hundreds of revisions, even with a 256MB server memory limit. ... So, it seems that WordPress was indeed loading all the revisions of a post three times when editing it with the edit_form_advanced: once to count the revisions, once to list the timestamps and other metadata of the revisions, and once to check for the latest autosaved revision (if any)."


Wordpress runs major league newspaper sites too. Not to disrespect the blogoverse, but there may be a direct efficiency statement for major time, ad revenue sources of daily news. Google may well be feeding the beast, to feed themselves, but not blogs per se: blogging s/w for news websites.


Just last night I found myself watching some Wordpress-related videos on the Chrome Developers Youtube channel [0], building on a talk given at the Chrome Dev Summit last year [1]. The Docker implementation is something I'd been considering for a complex Wordpress install recently, so it caught my eye. Building in more PWA features is no harm either.

I have no idea what it all means for the bigger picture of Wordpress/Google/Automattic, but these are nice little tips and ideas to start with anyway.

[0] https://www.youtube.com/watch?v=jav5hPmUaUw [1] https://www.youtube.com/watch?v=Di7RvMlk9io


If deploying WordPress using Docker, and WordPress scalability interests you, please have a look at this [0] article I wrote, as it shows how you can get a really good WordPress install up and running. I used containers and deployed on CoreOS (yes, it is a bit old -- Kubernetes was not very stable back then). For the deployment stuff, you can read that here [1].

[0] https://www.linkedin.com/pulse/scalable-wordpress-architectu...

[1] https://www.linkedin.com/pulse/automation-scalable-wordpress...


I recently started running some WP sites (and some non-WP as well) via Docker containers on a Digital Ocean droplet. Building a docker-compose file for each site and defining volumes allows the container to be updated or replaced while keeping data & content intact (if passed in via volumes). Orchestrated using Traefik for reverse proxying and SSL certs. Wouldn't want to go back to setting up sites manually.


Glad to see more pro coders helping with wordpress, if ya'll get a few extra hours, buddypress could use some help too! and that could put the screws to fcbook if someone makes an easy to deploy droplet / docker / nextcloud like thing with a few plugins and anti-spam / privacy settings.

Unfortunate that this announcement has the cloud of Google over it. Just about anything google is untrusted and tarnished, not just in the tech circles that know how it profits at the expense of others, but more and more by average people who are getting a clue that google today is nothing like it once was, or once tried to make itself be perceived anyway.

More and more searches are censored, more ads on screen and less of the interesting things to find, services killed off, no customer service, frustrated web site owners... I still have a smidgen of hope for google fiber, but the rest of the brand is not much different than fcbook in my mind, and many others are starting to see the tech companies that put money ahead of giving people what they really expect.

This announcement would get more exiting cheers if it read "ex-googlers team of engineers to help dev wordpress"

Of course we all wonder if the politics that hit the browsers and standards will come to play - but honestly it would make sense to help shore up a product that runs so much of the web, even if google wasn't trying to get it's claws deeper into other software - just producing faster sites that are hacked less will help with the google search results - so just that alone is win win win.

I'm cleaning up hacked wp sites tonight actually, yay.


Sounds like a good thing! My company's WordPress site[0] takes 4-8 seconds to load, with a couple paragraphs of text and a few images.

To be fair, I should really switch it over to being a static site, I am using a complicated templating engine to pop out a few paragraphs.

Of course that is the ultimate irony about WordPress. Like any other swiss army knife framework, it will always be slower than a proper dedicated tool.

Another issue (one that a lot of modern development practices share) is that WordPress lets you quickly pull in components to Get Things Done Quick, but those components pull in more dependencies. I was looking at adding some more smooth scrolling effects, and the suggested way was to pull in jquery (fair enough), even though the template I'm using already pulls it into the page. Repeat that a dozen or so times to get the page looking Just Right, and, well, there goes perf.

[0]https://www.thawd.net/


There's no reason a PHP based site should take that long to load. It would seem that you are missing some caching settings, regenerating something every page load, or have something wrong with your server setup.

Make sure you are using a recent version of PHP and appropriate WP caching plugins.

Also check to see if your DB is hanging when a connection is made to it, perhaps due to trying to reverse lookup the IP for logging purposes and waiting for that to time out, or something else simple like that.


> There's no reason a PHP based site should take that long to load. It would seem that you are missing some caching settings, regenerating something every page load, or have something wrong with your server setup.

Out of the box settings, ugh.

Full second to parse jquery, 1/2 for jquery, 1/2 for jquery migrate. Something called wp-emoji-release.min.js is taking another 396 ms.

And this is after repeatedly visiting the page in my browser. I thought the browser was supposed to cache stuff? Heh.

Then again, according to Chrome, the page only took 1.4 seconds in total. I'm wondering where the remaining 4 seconds of me staring at an empty browser tab is coming from. :/

Then again, switching pages on my WordPress admin page takes ~6 seconds, so I think there is just a significant probability than my VPS has miserable performance.

Edit: Installing a caching plugin makes the page load not as horribly slow. It is at 3 seconds now, which is still 2 more than I'd like, but at least acceptable.


Look at the Cache-Control header and see if the site is telling the browser not to cache the JS.

Also, look at the time-to-first-byte . . . if that is high, maybe further tweaks to the cache plugin settings may help you. If you are not using at least PHP version 7.0 you will get a noticable improvement by getting to that as well.


Even with an online-shop attached (WooCommerce) + bigger product catalog it shouldn't take more than 1.5 to 3 seconds to load without optimization from my experience. Putting some caching in front of it further reduces loadtime. Cloudways is nice to manage WP, they just use a Digitalocean droplet and give you caching/Letsencrypt/updating pre-configured via a simple interface.


I'm not too happy with DreamHost's base level VPS. It makes the upsell to their own WordPress hosting solution feel rather suspicious.

Then again not having root on my own VPS, and having multi-week outages of the managed apps that supposedly are the reason for me not having root, also contribute to my lack of overall happiness.

That said, super nice support reps. Just wish they would actually fix my issues. :/


I think you're overreaching by blaming Wordpress.

By far, the bulk of the time loading your site is TTFB or Time Till First Byte for your website. That could mean that your hosting company is extremely slow, your theme is doing something very awkward, you have a million plugins running, or something along those lines.


Just use W3 Total Cache. I use it on my site and it works great.

e.g., https://johnrockefeller.net/block-all-web-notifications-in-f...


Goodbye Wordpress.


Hope some of these speed tweaks make it into other CMS like Drupal.


maybe it gets object storage?




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: