WordPress

No, you should not. You should let us worry about them, and go back to your business.

Seriously, we're getting questions from all kinds of people about whether this matters. I'm a bit surprised that there is any question about that. Would you be concerned if your top salesperson was selling for somebody else? If your cashiers were jotting down credit card numbers when they charged a card? If your office became a well-known spot for illicit drug or gun dealers? If your office had a bunch of scammers squatting and running a pyramid scheme? If your confidential client information could be revealed as easily as using a bic pen on an old Kryptonite lock?

We've seen some variation of every single one of those scenarios. And all of them are possible with a remote code execution flaw in a web application, like yesterday's Drupal security vulnerability.

And yet people still

Drupal security updates generally come out on Wednesdays, to try to streamline everybody's time. WordPress security notices come out... well, whenever whichever feed you subscribe to bothers to announce something.

In September, Freelock was recognized as a leading web development company in Seattle by Clutch.

DevOps is the union of development, operations, and quality assurance -- but it's really the other way around.

As I write, we're in the midst of a big Ransomware attack. Millions of computers have been infected, with their data encrypted, held ransom pending an extortion payment or deleted. Supposedly.

WordPress versus Drupal. Republican versus Democrat. Two debates where the differences seem so broad, people can't even seem to agree upon fundamental facts. Why? Why is it so hard to find an objective, clear comparison of WordPress and Drupal? I've had several people ask this.

I was talking with a new client the other day who spends a lot of money on Search Engine Optimization (SEO) and Search Engine Marketing (SEM) to try to get people to visit his online store. And yet his blog -- what search engines value most -- was on wordpress.com.

Why do websites get hacked? Websites get hacked for a bunch of different reasons:

A question came across the Drupal Developer's list today asking whether Drupal could auto-update itself, like WordPress. As someone who thinks about security a lot, the very thought of this horrifies me.

It's a bad idea for several reasons, but the biggest reason:

Mike asks,

I came across your site as i'm a member of NWEN.  My current site is built on a wordpress template and I want to change it as it's pretty rough.  What are the pros/cons of having a site built with Drupal vs. word press?