This Week in WordPress #175

[00:00:00] Nathan Wrigley: It's time for this week in WordPress episode, number 175 recorded on Monday the 23rd of August, 2021. This episode entitled, should I get a standing desk this week? I'm joined by Michelle Frechette and Tim Nash. As we talk about the WordPress news, my regular co-host Paul Lacey, he's having a bit of a break, but he'll be joining us next week.

And so the news that we talk about this time around is a discussion about whether or not WordPress is getting harder and harder to work with, especially if you're somebody new to the platform. There's also been a bit of controversy about some plugins being rejected from the wordpress.org repository because they start with the prefix WP.

What does all that mean? Also? Automatic is now valued at a staggering $7.5 billion. I've no idea how that happened, but we talk about that. We also get into the idea that the hackers they're getting smarter and smarter. And what does this mean for us? How is it that they're able to hide their code?

Wordfence has an article this week. We also discussed the fact that the Pagebuilder summit is coming around again. They need some sponsors. So the word camp, U S actually they need speakers. And finally, we talk about whether or not I should get a standing desk. It's all coming up next on this weekend word.

This week in WordPress was brought to you by AB split test. Do you want to set up your AB split tests in record time, then you AB split test plugin for WordPress. We'll have you up and running in a couple of minutes. Use your existing pages and test anything against anything else. Buttons, images, headers, rows, anything.

And the best part is that it works with element or beaver builder and the WordPress block editor. Go check it out and get a free demo at AB split. test.com. Hello? Hello. Hello. How are you doing? That's the wrong spring. It's a good start. Isn't it. Let's

put the things that matter on the screen as always this week in WordPress, we come to you 2:00 PM, UK time every Monday, unless I'm on holiday, which I have been recently, but we're back and we've got two lovely guests today. We've got. You got Tim Nash joining us from the UK and we've got Michelle Frechette joining us.

The U S L is a stupid o'clock. Tim is at the same time as me still stupid. O'clock sorry. Oh, these are the wrong time of day. I don't know if you guys want to introduce yourselves, that would probably be the easiest thing to do because I'm trying to multitask poll normally does the spit, but Paul Lacey, you may have noticed there's a great big hole in the screen.

Paul's had a holiday which he's currently on. And so he's not here this week and he normally does the introductions. So I'm going to, I'm going to let Tim introduce himself first. So Tim, tell us who you are.

[00:03:06] Tim Nash: My name is Tim Nash. I'm a WordPress security consultant. But at the moment I'm enjoying the summer holidays with my daughter.

[00:03:14] Nathan Wrigley: Nice. That's good. Thank you so much short and to the point and Michelle tell us who you are. So

[00:03:21] Tim Nash: I

[00:03:21] Michelle Frechette: am the director of customer success for give WP, which is now part of liquid web, as well as being the podcast barista over at WP coffee.

[00:03:30] Nathan Wrigley: Talk, thank you so much. When you said that I was expecting you to say stellar WP but it's, it's actually liquid web, is it?

Which in turn is owned by Starbucks.

[00:03:41] Michelle Frechette: So liquid web is the parent company. Okay. And stellar WP is the umbrella under which all of the software sits. So if you are looking for cadence blocks, so the event calendar give I themes that is all under the brand of stellar.

[00:03:56] Nathan Wrigley: Okay, thank you. That makes perfect sense.

Now. Thanks so much. If you want to join us, then feel free to do that. The easiest way to do that is just to comment wherever you may be. If you're on Facebook, then you'll need to do an additional thing. And that is this go to chat.restream.io forward slash FB, and that will enable Facebook to provide your avatar.

And so I'm really surprised that Facebook, even have this requirement, seems like they're quite happy to share almost everything about everybody, but there you go. If you want to be D anonymous, Go to that link. If you've got any questions during this, we'll try to put up as many as we can as time goes on.

But yeah, feel free to say hi and tell us where you're coming from. It looks like we've got one in already. Cameron who's here basically every single week, which I very much appreciate Cameron. Yeah, it's great. Cameron's in Australia. And he says, what have you done with Paul Lacey? And where did you hide his body?

I've hidden it in a caravan. I think somewhere down on the south coast of the UK, with his family, which is quite a nice thing to do with him. And maybe he's listening to it now. That'd be hysterical if he was listening to it now getting told off okay. Let's get cracking and talk about the WordPress stuff for this week.

If that's all right, just to let you know, this is our website, WP belts.com. You can find all of the bits and pieces over there. If you fancy keeping in touch with the stuff that we produce, fill in that little email form there, and we'll send you a newsletter just to tell you about the two bits of content that we produce each week.

Moving right along. We are going to, first of all, talk about WordPress and its kind of future, if you like, because there was a few bits and pieces that went back and forth, it was a bit like tennis over the last week or so primarily. Just in Tadlock was talking in content in the context of Mathias Ventura.

And the conversation kind of was around the fact that these days, if you are a new person to WordPress, it may be significantly more difficult for you to actually get things done. We're not talking about if you just log in and you point click drag and so on, like you might do with a page builder, but if you want to do things, for example I don't know, building blocks or extending WordPress and so on, then that might be a little bit more difficult.

I'm really out of touch with all of this in terms of actually building stuff and client websites and all of that kind of stuff, because I've obviously moved into kind of content creation a little bit more these days. I'm just curious as to which side of the fence you fall on. Maybe that you sit on the fence and think it's as easy as it ever was.

Maybe with gotten bugs requirements, for knowledge of react and JavaScript and all of that kind of stuff. You think it's more difficult? So let's kick off with Tim. If he's got a response to this.

[00:06:43] Tim Nash: I think on the whole I'm slightly sitting on the fence, but I will explain why, first of all, Gutenberg has made being a WordPress front-end developer.

I think significantly harder while at the same time, all the new bits we've liked things like theme J song files and all the new theme stuff that's coming on board soon will make our lives easier. So you're in the sort of states at the moment where things are both incredibly hard and getting easier.

But as a general WordPress developer, just getting started now is confusing five years ago. If you wanted to be a WordPress developer, your core skill was PHP. And then HTML and CSS was really useful. JavaScript. As long as you, it was pretty much, we lived in the world of jQuery and most people could hack their way around it now.

You really do have to have a good understanding of JavaScript to do things well, you can still hang around with PHP and do quite well. But if you want to do stuff with Gutenberg, you can use things like ACF blocks that will help you get some way still using pick your PHP skills. But those skills are to adopt to a JavaScript world.

And unfortunately, the JavaScript world is not a pleasant one to work in for many people. It is confusing, so you only have to say, how do I create a block? And someone's going to say, oh you need to do is you NPM this? And yeah. Okay. Let's go back 10 steps to what is NPR know okay. And what's Webpack.

And how does this work? What's golf. And why is grunt here and why do I have four package managers to do just one. So it all gets really confusing. And it's obviously moving at a really fast pace, which is particularly goaling to the PHP developers who have been desperately trying to get WordPress to move at a faster pace on the PHP side and gets hold of wound, no backwards compatibility.

You can't have, you can't have composer for package management. Happily can have for other package managers for JavaScript, but you can't have one for PHP. So you get this sort of rubbing this rub against the sort of conflicting views. On the plus side, we got much better document. And some really clever people who know what they're doing and are teaching, which is a good thing, which is when we didn't have before.

So it is possible to learn this stuff. But yeah, if you're just, if you're coming as an existing developer in a small agency, I can totally simplifies and understand why you're frustrated as anything as a complete newbie. It might actually be a better experience, but I'm not sure I would, if someone was a complete newbie developer, I'm not sure I would recommend WordPress as their sort of way to do their training if you like anymore.

Whereas I might've done a few years ago. I don't think I would now want to say, come to WordPress once you've been somewhere else, which I think is a bit of a sad, but I think that will get them the prerequisite skills. They will then need to use WordPress.

[00:09:39] Nathan Wrigley: Yeah. It's curious. The, some of the things that you said, obviously you're reflected in this article and some of the other things I hadn't really given any thought.

Yeah. The, not the documentation. You said like tutorials and what have you. That's true now that we've got LMSs and all of that kind of stuff built into WordPress. There's a lot of people, Joe Casabona was on the podcast recently and he's got a little course, which he sells online. And there's various other people with, YouTube channels and they're really interested.

You've got people like Anne McCarthy, you were making great efforts to put out content to get people involved in the project and so on. Yeah. So I hadn't really thought about that side. And interestingly, in this article, they make the point that even though the documentation is probably better than it was, they still feel that there's a lot of catching up to do and making it look nice is also part of the thing, putting in screenshots that are appropriate, but keeping up with that kind of stuff is a task.

Okay. Anything on your side? Recommend.

[00:10:38] Michelle Frechette: First of all, I'm friends with Chris and he had no idea that tweet and that post are going to blow up the way they did. He's been getting contacted by magazines and people outside of WordPress to do interviews, which he's declined.

But yeah, but he seriously hit a hit a nerve with all of that information. It, what's interesting is, over on the underrepresented in tech dot com podcast, Allie and I have been talking about education, the requirements of education, the privilege that comes with education. But when you start to talk about changes like this, a background, a degree in certain kinds of development aren't necessarily created to help you here either, right?

Because the pace is going so quick. So in a way it's, the privilege is different than did you have the money to go to college? You're not going to college as much as do you have the time and the effort and the energy in your life that it takes to continue to, learn all the new stuff that's being brought forward.

You know, if you don't have the time to read the great documentation, does that help you at all? All those kinds of things. So it really is interesting. It's definitely a different WordPress that I started using, almost 10 years ago. So it's everything, everything changes the way I like to say it is.

Everybody was completely up in arms when Facebook changed its late. And none of us remember what the Facebook layout was before the current one. So this is a little different. I understand that, coding is, is very much different than what does my screen look like? But the truth is when you say things like it's changed in and I think really to speak to Tim's comment about if you're coming in as a new developer, if this is the way it's always been, then you're going to learn it this way and you don't have, the history behind it.

I said the same thing about Gutenberg when it first came out, I wasn't, I stopped teaching WordPress because I had to learn at first, whereas people who were coming into WordPress for the first time, it was native to them. And so for that point, they just started using it and they didn't have as much of a learning curve as those of us who have been using it the way we always did in the past.

[00:12:54] Nathan Wrigley: Yeah, it's interesting. Cameron's Cameron, just to your point there Michelle Cameron makes a similar point. You said someone I know pointed out that the reason react dev is so much harder is that you can't build iterative. Iteratively goes on, say PHB, you can just. Echo world. Hello. And it works to output the same with react takes hours of setup, which yeah, I guess is a good point.

If you if you have to do a boatload of stuff before you can get anything happening that might just put people off. Interesting though, there was something in here about building block plugins, and can't be certain that I'm going to get the right point in the article. But Justin made the point that there were a few people who had found it really easy do things, building their own blocks with the setup that they've got at the moment than they did before.

They didn't regard themselves as developers, basically designers, but they were able to throw a few things together with a few hours of tutorials and wish I could find the wish I could find the bit curiously. This article ends about this thing called the boss actor, which I never heard of before reading it.

The bus factor is basically. People important to the pop project accidentally get hit by a bus. And are we at a point now or are we heading into a point in the near future where a few key people. Being hit by a bus or just getting bored and walking away or having something else to do might mean that the project stagnates and doesn't move forward.

And it does, it does feel like there are certain key people who, if they decided to do things different and have a different life away from WordPress, we could be in a bit of bother.

[00:14:30] Michelle Frechette: That's you're going to say if they decided to get hit by a bus that I'm really

[00:14:32] Nathan Wrigley: glad to, right? Yeah. Yes, no, we won't get into that.

Okay. Nothing else to add to that from me, if you two are happy, just

[00:14:41] Tim Nash: one thing that Michelle mentioned, which was she sort of hooked onto, which was that the doctor was talking about going and looking for that documentation. One thing we ha we have got all these extra tutorials and documentation morphing we don't actually have though is a way for us to give, to find that documentation easily.

If you come and type in the word. WordPress developer course, what you're not going to get is an up-to-date modern WordPress development course. What you're going to get is the person who did SEO 10 years ago, who's done brilliantly at their SEO and is now number one for in Google, for WordPress developer course.

And they're regulating with a course that is still based on something from 10 years ago or credit to them because I wouldn't change it over if I was in that position. But we, as a community, don't have an easy way to do that, except for things like make and learned at WordPress. But learned WordPress is like everything to do with WordPress, very inwardly focusing.

So they won't link out to other people's sites. They won't link out to those other courses because they want to build out those curate that resource themselves. So we, we still need to find a way of getting people's the information and that's something that's really lacking. And I think that the people who said they had learnt Gutenberg in five hours, If they were given the right resources at the right time and they didn't just tweet, I hate Gutenberg.

I can't make it work and have 10 people go and canyon store, which is what you get. If you

[00:16:11] Nathan Wrigley: do it. Hey, this is a curious question about documentation. I find writing the least interesting bit of putting this together in the, there's audio and I have to make graphics. And what have you.

And each time I do write some show notes, which not everybody does, who does a podcast. They might write just a few words, but I sometimes write a couple of thousand to say what's in the podcast episode. And that's the least interesting bit for me because I'm, it just turns out that I don't much love.

Technical, especially writing. I just find, I, I find other things to do. I'm much more likely to be distracted. On the other hand, I know Michelle, you love putting pen to paper and writing things. Do you, what do you think? Yeah. Do you enjoy technical writing? Because a lot of the stuff I know exactly.

[00:17:00] Tim Nash: Yeah.

[00:17:01] Michelle Frechette: I would much rather write things like how to do fundraising. I like to write them for the bigger entire blog. I, anything like that, I write about business, any of those kinds of things, but technical writing documentation. It's very dull to me. Very much needed of course, but also very dull.

[00:17:19] Nathan Wrigley: I kind of feel that's probably going to always be the case. A lot of the people involved in the project are doing important things like writing the code or, being involved in the community or what have you. It feels that it is a stretch to make the documentation, keep up with everything just because it.

My experience is that most people do not enjoy writing technical documentation as much as a whole battery of other things. So I think your documentation side of things is always going to be a bit of a difficult one to keep up.

[00:17:48] Michelle Frechette: I noticed that Cameron hasn't made a note about how much he enjoys documentation.

Either

[00:17:53] Nathan Wrigley: Cameron doesn't set it, then it doesn't come. Yeah. Yeah. Straw poll does. What does Cameron thing? Okay, let's move on because this is a bit of a storm in a teacup piece that we had this week. This this came from two places. It originally appears. I don't know if it originally came here, coy Wolf, the websites.

There'll be a link in the show notes when this is published tomorrow, but I'm going to focus on the one written by Sarah Gooding over at WP Tavern. So this is really curious and it kind of got me all hot under the collar for a little while, until I calmed down and thought about it some more.

But during, during the last week or so there was a plugin author and forgive me. The only thing I've got here is the Twitter handle in blood, Joe. And he put a plugin into the review process and the plugin was called WP something. And I forget what it was called. Maybe somebody can tell me in a sec, and it was turned down because of the, what felt like trademark problem of having a pref the, the preface of WP something.

And obviously as soon as I read this without any more thought or what have you, I suddenly think I've got, I've got WP builds. It's not a plugin, but is that contravening some kind of thing that's written down. I'm not allowed to say WP because my expectation was WP was always the poor man's version.

Saying WordPress. We're not allowed to say WordPress because that really is in law as far as I know. And so we all go WP instead. And I just thought oh no, no, please don't say that WP is now being inspected in this same way. Anyway, his plugin was booted out of the repository and he was told, Nope no, no.

That's, that's not allowed go and find another name whatever. And and this is the way the sort of debate started to happen. It felt like a trademark thing and people were getting all annoyed. Mika Epstein said Nope, nothing to do. We're just trying to make things tidy and keep things.

So that it's really obvious. The really, if you're in the WordPress plugin space, I think the argument would go something like this, find a name. That's got nothing to do with a handling WP. You know, if you're an SEO plugin, call yourself the SEO plugin or something like that, don't have WP. Then of course you get people going.

Yeah. But there's WP rocket and there's WP this plugin and WP that plugin and they were allowed to do it. Why can't I? And so it goes on politics. Twitter feeds go crazy and. What do you think? Let's start with Michelle on this one.

[00:20:28] Michelle Frechette: Thank you. The first thing I thought was, I, I saw the first blush without doing a diaper, a deeper dive and was like, oh my gosh, we can't use WP.

I'm going to have to rename my podcast. Yeah.

[00:20:41] Tim Nash: Yeah. Perfect.

[00:20:42] Michelle Frechette: Coffee talk. Isn't the same as WP coffee

[00:20:45] Tim Nash: time.

[00:20:47] Michelle Frechette: But then when I read it a little bit further, I actually thought a lot of what they say makes sense. So from a marketing standpoint, right? So we think that putting the WP in front of things is going to help us be found it's going to help us.

But the truth is if you can read. Differentiate yourself without use, without relying on the WordPress part of it, then you've probably got a better, it doesn't say WPSU. It says Yoast. Everybody knows what Yoast is. We use give WP with the WP, but it's actually just give, but we put the WP on there just for marketing.

It's not actually in the code. So if you can divorce yourself of the WP where you need to, you can still of course, market yourself as a WordPress.

[00:21:35] Nathan Wrigley: Yeah.

[00:21:35] Tim Nash: Okay. And you don't

[00:21:36] Michelle Frechette: have to rename your

[00:21:37] Tim Nash: podcast.

[00:21:39] Nathan Wrigley: Yeah. We'll sync it. Yeah. Both of us

[00:21:44] Tim Nash: first of course. But then I thought,

[00:21:46] Nathan Wrigley: What do you think about the fact that there are players, obviously in there who've got underneath the wire before really to meet

[00:21:56] Michelle Frechette: anything whenever there's change is going to be things that are grandfathered, right?

So they're not going to make you go back over how many plugins are in the repo now. And how many of them have WP hyphen in them too, to change all of that would be a complete and utter nightmare. And so you do grandfather things, you make changes going forward and to the new people, if you.

Horrible because they got to, I don't, life isn't about fair.

There's equity, there's justice, there's equality. But when you make changes, you move forward. It used to be that, you couldn't, drive your horse on a Sunday or something like that. And we have automobiles now the laws change. And so you just have to say, they used to be able to do it.

But we have automobiles. You can't ride your horse down the middle of main street without causing an accident now. So

[00:22:50] Nathan Wrigley: I'm just going to say, this is not a lower I've ever,

[00:22:56] Tim Nash: right? Our horses, wherever we like, we can vote. We can throw our goats, sheep across bridges in London, quite happily.

[00:23:03] Nathan Wrigley: There's such an interesting conversation about the quirky laws that we have in the UK. Everybody's got these apocryphal stories of these peculiar laws. I'm sure it's the same in the United States

[00:23:12] Michelle Frechette: laws here.

I don't know why, but they're called Lula's. But if you took your. Uh, a motorway that was 55 miles per hour or greater, that's a problem, right? So you can't take your horse down the middle of maybe main, Street's fine because it's slow, but you wouldn't ride a horse down the Audubon. So once upon a time there were no vehicles and riding, that stretched and what turned into the Audubon was a horse path.

So

[00:23:39] Tim Nash: things

[00:23:39] Nathan Wrigley: change. Yeah. Yeah. That's a good point. Okay. Tim,

[00:23:44] Tim Nash: something that Michelle said, barest, you think about Yost and SEO. Of course, if you go and actually look at their slug, best slug is actually WordPress, hyphen SEO.

They are the number one plugin for WordPress SEO in terms of downloads. Now, I wonder how that happened. Anyway, so you can understand why people might be a bit knocked. Also when they, everybody, when it started off, it was all, the whole trademark thing was very much they're blocking the trademarks.

Now the initial response is no we're know, it's but you are. I was like, no, it's got nothing to do with trademarks. What makes one earth makes you think it's about trademarks? It's because the array that this protection is in, and it's called trademarks, underscore exceptions equals array.

So it's literally using the code for trademark preventions to stop this. So of course, everybody assumed the worst. And I'll be honest. The argument is specifically that people who put WP in front are later than going to change it to WordPress. Can they not just not put it in front and then later change it to how does that fix the, so it does feel like there is a solution to a problem, right?

I didn't even realize they had, but clearly there was, there's enough of a problem that they've taken this action. So a problem nobody knew they had, and it doesn't fix that problem. So I'm not quite sure just effort says in that piece, I think that it's an experiment. I imagine it's an experiment that's going to be quietly withdrawn.

I think it doesn't make a huge amount of sense. Enough people are complaining about the fact that it doesn't make sense in terms of how you, how people find and look for plugins. I think an example of DPS MTP is use that. What would you do create a plugin called SMTP? Now you've got two things called SMTP.

So the DP is a good way of differentiating. If I've got my service, let's say I'm a Facebook. I might want AWP Facebook to differentiate my WordPress plugin from my Joomla Facebook plugin. So I might have I don't jail. I don't know how they prefixed Joomla JL dot Facebook, hyphen Facebook. So I can I don't really see the point.

I think somebody put it in 40. It was a good idea. Someone found out everybody got shouty. Now some lines have been drawn. People have come up with a, somewhat of a backstory to fix it because it was by everybody's admission. This was just thrown up in a meeting and it was phoned in a quick code commit and then it was gone.

We've all done. We've all had that scenario and you normally have two choices, you roll it back or you stick to your guns and then you see what happens and it happens over and over again. They'll back down eventually.

[00:26:39] Nathan Wrigley: I'm curious because the, if I do a search in Google, so let's say for example, that it was Tim Nash that I was looking for.

Quite likely there's not that many Tim Nash's cause are there

[00:26:54] Tim Nash: and I hate missed the wolves. There's a guy in Wolverhampton who is a sports journalist and we don't get on. Oh, okay.

[00:27:03] Nathan Wrigley: That's correct. So if I search for Tim Nash on Google, the quickest way that I'm going to find this, he said pointing this Tim Nash is by putting W2.

In the search results. So I would, this is what I do for everybody that I want to track down a Twitter handle for. I might type in Michelle for shat space, WP, Tim Nash, space WP. And that is a solid way of finding somebody in the WordPress space, which tells me that Google clearly associate WP inextricably with WordPress.

And also if you're not allowed to use WordPress and you've got a plugin like an SMTP plugin, and you're now we'll give it a jazzy name, call it something unique. Like I dunno, just a made up name. That's really difficult. You're going to have a lot of work to get traction and to make people understand what it is.

But if you just call it ordinary plugin named prefaced with WP, you've really cut out all the hard work of making people understand what it is. So WP SMTP, WP forms, WP, whatever. It just makes life really easy. Just don't quite get why this should be out of bounds because it's not

[00:28:17] Michelle Frechette: call it that though.

You can still call it that. It's just, it's talking about code. It's not talking about what's your branding and how you're using the word, the letters WP, they haven't told us we can't be give WP,

[00:28:30] Tim Nash: I guess

[00:28:31] Nathan Wrigley: my fear. This is. Conversation when the people were, lots of people were saying, is, is this in fact a precursor to people saying we'd rather you didn't use WP.

And of course everybody came out and said no, no, no, no, that's not what's going on. But I was just, you were just curious that putting WP in the slug name, that mirrors exactly what your plugin is called.

[00:28:51] Michelle Frechette: Thanks the question. Is it WP drama or WP dash drama. That

[00:28:58] Nathan Wrigley: definitely dash drama WP storm, hyphen in hyphen, a hyphen teacup, but yeah.

Nice, good. It's good to have these little dramas occasionally. It's nice to, oh, there's always little drama. The article for this, if is on a WP tab and you can see it here. It's called wordpress.org experiments with rejecting plugin submissions with w. Pretty fixed. And then there's some more words, but that's all you need to probably Google.

Okay. If we're done with that one that was the article that it came with. So we don't need to go into oh boy, this is a piece of that I literally was unable to read because I'm not clever enough. I don't understand economics at all. I am very much how much money is in my pocket and what's the balance in my bank account.

That's all I need to know. I don't have clever portfolio stacks up here and don't understand what financial institutions do and how they squirrel away money and how you get seed money and where it's spent and how you can offset it against this, that, and the other thing, all of those things that I just made up, they're probably not even real.

And this basically what came out of this is the automatic in February. They kept it really quiet for reasons that I didn't quite understand. They had a primary funding rounds. Jaw-dropping amount of money, $288 million. I think I read these numbers so often now that it kind fails, ah, it's $288 million, but then I thought $288 million.

What do you do with $288 million? And you're talking like hospitals and that kind of thing. Aren't you $288 million from a bunch of companies that I know nothing about black rock Wellington, Schonfeld the Ulta park. Probably you will know exactly who these people are, but they've invested a bunch of money into automatic.

And the big takeaway for me was that this number here is now the valuation of automatic. And for those of you that are listening to it, that number is wasteful. Seven point five trillion billion dollars, which is just so much money. And then the article goes into all of the clever financial things that happened and why it's, why they've been buying things and what have you really, that was the piece $7.5 billion.

I don't even know what that could buy. I don't know what that actually looks like, but I'm pretty sure

[00:31:23] Tim Nash: You could

[00:31:25] Michelle Frechette: build your own spaceship and do a around the world like Jeff basis

[00:31:30] Tim Nash: did

[00:31:31] Nathan Wrigley: well. That would honestly be the most peculiar thing to see Matt Mullenweg, launch a space company. That there's something about that which doesn't fit.

I don't know. But what do you, what do you make of this? What do you make of all this money and all of these people investing in automatic? Everybody constantly says that it's maturation. It's the way it is. I don't, I just don't even get it. I just don't get the numbers. I don't get how you get them.

What

[00:31:55] Michelle Frechette: was the market share WordPress has? The internet right now is not surprising to see money being poured in that direction. Because it's, it's, it's not a sinking ship. It's definitely riding the tides very well. And so that's where money goes, right? Because that's, you want to see your money grow itself.

And so you w you want to put it in something that's doing very well. I have an MBA, but my MBA is in marketing. And I took the one finance class that I had to have to graduate. So pretty much where my my conversation ends

[00:32:32] Tim Nash: economics. Then

[00:32:33] Michelle Frechette: it was not in macro micro or any other.

I took it one econ class and one finance class and a lot of marketing and e-commerce classes. But when e-commerce was still, this was 2000 and 2000 and 2001. So this was when it still costs, a hundred dollars to buy a URL and that kind of thing. But but yeah, I think it's interesting to see how much money is sitting in automatic.

It's more interesting to think about why, what is the plan with over $7 billion in a company that's watching the budget lines so carefully, if WordCamps, for example, and no, your, your word camp is about $300 over budget. What are you going to drop so that you know, come in at budget? Why don't we just pull 300 on that $7.6 billion?

Why don't you call it even.

They could maybe send some money over to big run chart and we wouldn't have to worry about the fundraising. Like we do.

[00:33:34] Nathan Wrigley: I feel a gauntlet has just been thrown down and that's interesting.

[00:33:38] Tim Nash: I think

[00:33:40] Michelle Frechette: it has the barista behind her making her cry,

[00:33:45] Tim Nash: remembering that they don't actually have seven in the hall. Some hypothetical scenario has occurred, which how you value intangible things on the internet is always been causing these giant valuations. If you, I don't know if you own a steel production facility, you have the amount of steel you can put out over a period of time and times that by 12 yeah.

Valuation,

[00:34:11] Michelle Frechette: even if we just look at the 208, really understands enough to make sure that word camps happen in a very nice way.

[00:34:19] Tim Nash: One of the things in the article I did find interesting was. And the idea of buy back shares.

[00:34:24] Nathan Wrigley: Yeah. I didn't get this either.

[00:34:26] Tim Nash: So this is basically, when you join automatic and you've been there for a while, they let you buy some shares,

[00:34:33] Nathan Wrigley: right?

So if you're a, if you're an employee and you've put some time in, purchase shares

[00:34:38] Tim Nash: back. No you get your given shares or you can buy extra shares because there are private company and I'm really tidy now how the American system works because it's stupidly complicated everywhere in the world cup.

And because they're a private company, they don't have to, at any point pay you for those shares so they can just keep, you can have shares and they don't even have to give you dividends from them. So when it seems that they've done this year, they've gone and say, Hey, gone to all the people who might have older shares, who might've left the company.

And even some of the original people whose shares are now worth quite a lot of money have gone. Hey, would you like an opportunity for us to buy them back? Which means they can then hold onto those shares, which means that the, that the original or the themselves and automatic, and Matt have a, still have this quite large pot of shares, even though they're getting in all this extra investment.

So my understanding and I am not an economist, is that he's done good. He's doing good. They're doing good. But the big thing is that the exits, the ex-employees have also done good out of this where it's so normal for a company. When you leave that they over just they've issued you with what is effectively junk chairs that are only tangible while you're in the company or.

They force you to sell them at a pittance rates that, so they were totally worthless. It seems like that hasn't happened with automatic. And actually there are people who got a little bit of a parent of this and that's gotta be a good thing because they can give to w orange hot. I was gonna say off.

Yeah,

[00:36:12] Nathan Wrigley: totally.

[00:36:16] Michelle Frechette: My favorite crazy theory though, is that we should be watching for automatic to be purchasing only fans any minute.

[00:36:25] Nathan Wrigley: Okay. So a minute. So I've seen this word so many times over the last let's say week or so, maybe more. What even is that.

[00:36:34] Michelle Frechette: Only fans. I've never actually liked him, but Tim looks like he knows.

So let's just kidding.

[00:36:43] Tim Nash: No,

[00:36:43] Nathan Wrigley: but it's like the way going down a rabbit hole and

[00:36:46] Tim Nash: down a scary rabbit hole, which to go.

[00:36:49] Nathan Wrigley: Okay. The brief elevator

[00:36:53] Tim Nash: it's paid for content from a farm in west Sussex. So it's founded in west Sussex in the UK. It is basically a pay like Patrion only. They allowed adult content.

Do you know what they got really big really quickly, cause it's really unusual for a site like that to offer adult content. Whatever your feelings towards safe space sex work. Provided that space. And so people jumped on it and lots of independent people jumped on it. So individual workers, rather than it being big companies and formed production companies, the problem is there's a reason.

No one does this because MasterCard and visa came along and went, hi. I don't think so. No, no, no, no. You might be consenting. You might be consenting, but we're not consenting to this. We're not in this consenting mode. And so they've basically said you've got, you were yanking your ability to take payments.

So only fans, which is it does have non adult content, supposedly, but someone was talking about toenails TV this morning.

[00:38:01] Nathan Wrigley: Oh no, we're not, no, that's a different rabbit hole,

[00:38:05] Tim Nash: but they they basically said, oh no, we're going to have no explicit adult content, which okay. It's 99.99, nine, 9%.

Oh,

[00:38:15] Nathan Wrigley: It's a bit like wordpress.org.com saying we're not allowing the letter P in any publication as just okay. There's the end of your business. Yeah. But I think

[00:38:25] Tim Nash: Michelle was alluding to tumbler when she made the record. Yeah. Yes. Oh,

[00:38:30] Nathan Wrigley: That's. Yeah, that's really interesting. The, one of the, just getting back to this article, one of the things which keeps cropping up is maps, bullishness about WooCommerce.

I think he really does feel that the valuation of automatic is going to go through the roof at some point in the near future, because he keeps saying that he thinks it's, he thinks it's working at about 1% of what it could do. And if it becomes the default platform for e-commerce throughout the known universe obviously 7.5 billion would seem like a small amount of money.

I just don't. I just don't understand. What you do with like all of this money that's being invested? I guess one of the things addressed in the article is that they're on a massive clip to hire people, sunny people being hired. And if memory serves, I think they've got 136 people hired this year to date.

So in about eight months, they've managed to take it up to a hundred and thirty, a hundred and thirty six extra people. And they're looking for a whole bunch of really senior people around head of payments will commerce, VIP, and various other things. So probably this is where the money is going, as well as buying up loads of really nice things like pocket PocketCasts and day one, all these lovely apps that I like to use.

Alrighty, let's move on. Unless we've got something else. This one is definitely out of my comfort zone. I don't know about you. This is all sort of themes and headless and what have you. And I thought let's put this one in because we have somebody who actually knows how hosting works to me.

Hosting is something I used to run my own server, but it was really straightforward to do, but usually hosting involves exchanging money for a username and a password, and then just praying that it all works. And Tim sort of shrugging. Yeah, I guess maybe that's how it was on the other hand as a deep and rich heritage being on the technical side of hosting.

And this article, which I should probably put on the screen, otherwise nobody's going to know what I'm on about. It's a, it's another WP Tavern article, a new boiler plate speeds up building nearly headless WordPress themes. First of all. What's the D did you, if you managed to read this one, clarify for us, what's the difference between headless and nearly had this?

And don't say Nick, cause that's not.

[00:40:49] Tim Nash: Should we start with what is headless? Because that might get us somewhere. So I headless or decoupled. FIM is where the theme itself is not making direct calls to WordPress. Instead it makes API requests, IVs and the rest API, or graph QL, the graph QL plugin to meet.

So it makes effectively makes requests to the server without knowing anything about what's there on the server. So it's not it come sit on a completely separate server away from WordPress and make those calls across now. This is different from say a static site. So for example, my own site is a static site.

So if you went to my site, you could go and try and find Dave admin area, all you like. But if I, I log in on my local machine, on my local machine, I generate some pages and it creates HTML, which gets automatically uploaded. We have a headless scenario. It's very similar in some respects in that they've got the HTML and the JavaScript gets uploaded and can be uploaded anywhere you like, but have a headless one.

There's this connection back to a backend service somewhere that can then be running WordPress. Now the advantage of this is that backend server. There's far less things hitting that backend server. So from a resource perspective, it's a much it's means that your site should stay nice and fast and shouldn't fall over.

From a security perspective, there are some benefits that there's because people are hitting. It's hopefully a flat HTML at the front that you still want these end points exposed, but those end points are much more limited. And what can be done with them? The downside to both a full static site and a headless site.

Is that plugging? Yeah. Don't really do anything anymore. If you imagine gravity forms and it's yay. I put my gravity form up on my static sites and I submit the format. It doesn't go in anywhere. That's unfortunate. So you then have all these things and services that work together to try. So suddenly running a static site requires you to have 20 services working for you and it, can you go from, oh yeah, this is going to be free.

I can run this on, I know get hub pages to actually it's costing me a fortune because I'm paying. Yeah. Stole my forms for me stuff. So, and likewise with headless yeah, I'm free except for the fact that I still have a full WordPress stack sitting over here that I have to pay for.

And if you look at people they're hosting companies that are now in this space, they've got to ha we get to make you pay for it twice. Hi, I'm so you'll pay so that you effectively end up paying for two service cars and to set for this, these sort of setups as for nearly headless, I believe what we, this is what's referred to as a marketing tool.

[00:43:40] Nathan Wrigley: Nice.

[00:43:42] Tim Nash: The, basically the it, it, from what I read and understood, I haven't played with it is that their plugins basically extend the rest API to give you more functionality. So the rest API, by default, it has some very limited options in terms of what you can get in and out of it without going through a whole heap of authentication and doing often all sorts of complicating stuff and their plugin gives you a little bit more flexibility.

The problem, when we start talking about giving API APIs more flexibility is we end up with XML, RPC in a nice pretty version with Jason, but we'll end up back in the world of XML RPC very quickly, if we're not careful. And this is where headless really falls down. We're taking something that was fairly simple.

And we've just added layers and layers of complexity for partial gains. Now, in some scenario for big enterprises in particular, this might work well, especially if you can get your WordPress site, your main part of your WordPress site, sitting behind the corporate firewall. You have a proxy in the middle for just passing those single those requests through.

It can become a very secure way of working and a way that works in most in enterprise. It models for your average person. Headless WordPress is probably not the thing they need or want to go towards. And I think nearly headless is just going to be. Yeah, it's, they're selling a plugin and they're selling their plugin and free, but they're not selling, they're giving it away.

I think what is nice about this is that it is using modern stuff. Instead of like jQuery, they've got Alpine JS and bits in there, but it is just a theme at the end of the day. Yeah.

[00:45:33] Nathan Wrigley: I think it's good that we had Tim on to talk about this because I couldn't have said any of those words.

Like I don't even know. I think Tim was probably just lying to us. No idea. So

[00:45:46] Michelle Frechette: 2 cents, my 2 cents on this is we need to get James tryin to. Create the headless while poo and then nearly headless off of the bat.

[00:45:56] Nathan Wrigley: Oh, come on. That would be so funny. No, yeah.

Like,

[00:46:04] Tim Nash: the big bull with his head there instead of the big blue thing,

[00:46:10] Michelle Frechette: I think it will be hysterical

[00:46:16] Nathan Wrigley: for

[00:46:16] Tim Nash: Halloween.

[00:46:18] Nathan Wrigley: It really does. So those seem to me like this keeps getting pushed out as a trope at the minute, headless is the way forward. And what have you, it's quite interesting to get your take on that. Also. I am interested in what you've got set up on your own. I'm guessing that you've done this.

You've built it yourself. Tim, you're set up for your own personal website or is it a, is it like a spaghetti of different services and plugins or no, for mine naturally,

[00:46:44] Tim Nash: my website just uses, I have, I run a copy of Oh, my machine. Actually that'd be we'll skip over because it's not quite, but for the sake of it, I have a local dev environment on my machine, which has my sights on it.

We should have standard WordPress sites. It doesn't have pretty much no plugins on there except for a couple of coded. And then I use tape DP static, which is a plugin that you can buy Leon Stafford,

[00:47:13] Nathan Wrigley: Sounds right. But it's just

[00:47:14] Tim Nash: generates HTML page is, and then I have basically, I put those HTML pages and I have so when I hit go it, my site, when I've written some thing or edited some bits and pieces yeah.

It deploys my sites into a folder, which is a folder, which I then just get committed to. And it appears on my net fly on Netlify, which is a hosting server for static things. It is free. I don't think you're

[00:47:48] Nathan Wrigley: right about that. I've got a feeling, we got the name or is it WP to start it with the number two or something like that?

Yeah, he

[00:47:55] Tim Nash: has two plugins and it's the one that's. Okay. This one allows me to just do stuff from the car.

[00:48:01] Nathan Wrigley: Okay. Wow. That's really interesting. You also, and is there is a reason why you did that, is it just that you wanted to conjure about and fiddle and try something new? And when you'd finished it, you're like, oh, I'm really happy with this.

Or did you set out to make it because that is significantly more complicated than I would like to be involved in, but obviously there are massive benefits,

[00:48:21] Tim Nash: significantly simpler than managing a WordPress website. No. Because I don't have to worry about serving set up servers and all that jazz, or are ultimately the things on my local machine.

It's the get stuff is all optional that you could have, literally just as long as you can get a WordPress site running on your local machine. It's as simple as then pressing a button and it can be deployed to whatever hosting you want. And your hosting can be a massive fly button, but you could say get her pages that you could throw that to Cloudflare's new static hosting.

You can put it wherever you like. And so I've got a backup system with my DNS so that even if Netlify went down. Cloud fly would just kick in and you'd still see the science again. So I

[00:49:13] Nathan Wrigley: think I think Tim, you get this week's award for, this week's nerd point awards. That's that's really good.

That sounds great. You can do this really simply

[00:49:22] Tim Nash: as what I'm saying, I stupidly complicated because that's what I am, but yeah, it's, it can be done simply and it's much cheaper. And then, from a security perspective, People can't

[00:49:36] Nathan Wrigley: do anything with it. Yeah. There's nothing to go up. Yeah, yeah.

Yeah. Okay. That was fascinating on all the foams and all that kind of stuff you take care of with what a third party or it's

[00:49:45] Tim Nash: Netlify itself has a forms API. So basically you just put in some custom data in the history. For the form. Got it. And it will post it. And on their free plan, you get like a hundred entries to your form afterwards.

You might have to pay a hundred people. Don't

[00:50:08] Nathan Wrigley: I love it. Would you say all these, you can get 500,000 page views a month off you, whatever it's yeah. Okay.

[00:50:16] Tim Nash: This scenario I didn't want to be in. I, as you as someone who is fairly technical, my choice is really well managed the stack of myself or have somebody else do it for me. I don't want somebody else to do it for me.

I've I have my own opinions and they're very opinionated on what I want out of things. And so this was the solution that I came up with to make it as simple as possible to get something done. And this way I'm. Faffing about, and I don't have to worry about doing server updates every day and managing stuff and deploying staff and all this I, when I want to write, I could just write a post and go.

[00:50:54] Nathan Wrigley: Yeah. Yeah. Okay.

[00:50:57] Michelle Frechette: So as somebody who doesn't struggle with imposter syndrome, that does get challenged when I'm on WP builds and almost every conversation we have is technical. And I'm here with Tim mash just saying,

[00:51:09] Tim Nash: Because I hate the next story.

[00:51:14] Nathan Wrigley: I've got a side with you, Michelle. A lot of this stuff is it's like it's often totally beyond my pay grade.

And sometimes it's nice to. Yeah. Sometimes it's nice to read it and try to figure your way through the woods. And other times it's you get halfway through and you go, oh no, no idea. But but it's nice to hear.

[00:51:32] Tim Nash: You can buy the

[00:51:32] Michelle Frechette: servers and everything. And I'm like look at the wall, pu

[00:51:39] Tim Nash: my

[00:51:39] Michelle Frechette: confidence intact.

[00:51:40] Tim Nash: It'll be a good

[00:51:41] Nathan Wrigley: day. Y'all have a place. Don't we? That's the nice thing about this community. So yeah. Speaking of which we're onto another area of Tim's strength again. So Michelle and I, what we'll do is we'll just walk off the screen, go and make it you know, just read the papers.

But no, this stuff, to be honest with you, I am really interested in internet security. And I, I said before we hit the record bomb, I'm really interested from the narrative side. I really like reading. Vulnerabilities and things that have gone wrong and people trying to patch it. It's when the technical details start to drop in that.

I it's not just that I, it's not that I'd lose interest. I can't keep up. I just don't have the technical background or capability to keep up, but I'm really interested in internet security, probably more than anything else. Actually. I just really liked the stories and I like all the people who are just this sort of dynamic of people fighting on one hand and people trying to defend us on the other hand.

And it's really adversarial. And I just love the ingenuity and the things that the hackers are up to. I know it sounds ridiculous, but the, the boundaries that they're pushing all the time to make the people, the good guys, if you like, have to do the work to keep them out. So it's just fascinating, not necessarily on the, just on the WordPress side, just the internet in general, your iPhone and your computer and all that kind of stuff.

Yeah, I won't

[00:53:04] Michelle Frechette: say that security is the number one reason that all of my sites have been moved to managed WordPress hosting. I don't have to spend so much time worrying about being here because I did get hacked once, three times over the same weekend. And I had everything sitting on a shared server and it took me hours and hours because I didn't know how to clean up the sites and I didn't have the money to pay somebody at the time it was freelance.

And you know, looking at managers, it's people that block at the price it's like insurance for me. Yeah. He likes to listen to Tim talk on and on about it because it is fascinating. I don't mean to say that in that way. It is fascinating. I didn't say drone on and on. I said, but it is fascinating.

And I'm just so grateful that people like Tim exist and that people have managed WordPress hosting companies take care of this for me so that I can just sip my coffee. Will

[00:54:00] Tim Nash: Tim talks about that?

[00:54:02] Nathan Wrigley: I remember I was skiing. This is go years ago. I was scared and I'd been several times and I've been trying really hard to be good at skiing.

I was giving it my full attention. Every single thing was every sinew of my butter. And then. This is what looked like a nine month old child just went straight past me and just did some cool, little

[00:54:23] Tim Nash: child.

[00:54:24] Nathan Wrigley: Do you know what? I'm just not built to be good at something.

[00:54:28] Michelle Frechette: Gravity

[00:54:29] Tim Nash: is lower.

It's easier for that.

[00:54:31] Nathan Wrigley: And I think that's the way it you know, you can't be good at everything. We've all got our skills and speak in a, which turns out that there's a lot of people out there who have great skills hacking websites and creating a FOSS for the rest of us, with malware and viruses and all this kind of stuff.

WordPress, it feels has got a massive target painted on its back just because of the volume of websites that are built on top of it. And Wordfence big company in this space often put out articles. This one is nothing to do. A particular vulnerability and they're the ones we normally mentioned. This one's just about the sort of cat and mouse game.

Really, if you like of people trying to hide their malware and make it look as benign as possible, in fact, make it look to the untrained eye like me, I looked at the stuff that they're mentioning in this article. I would just pass it by just curious, what Tim's thoughts are on this? The article is called a WordPress malware, camouflage, just code and just, I wish these people didn't exist, but I'm also quite gratefully are because it gives me some sort of thing to hook onto each week.

So yeah, Tim. Alright. The floor is yours.

[00:55:38] Tim Nash: Am I allowed to pimp somebody? Else's podcast? Of course, if you like security and you like security narratives, dark net diaries. That is

[00:55:48] Nathan Wrigley: so good. It is a very good disagree. I was listening to that just yesterday. In fact, beautiful podcast. Yeah.

[00:55:55] Tim Nash: Unfortunately.

Life is not like Garcon, that diaries all yours, the views that you have, my life is basically an Excel spreadsheet. Most of the time, it's nowhere near as fun as you'd think. But speaking the articles all about it, it's an idea of how bad actors are now trying to hide their code. Now, the one thing you find with hacked code is most people, if a person looks at the page, so if somebody knows the site has been hacked, someone goes and starts looking for the code and they open up a file.

You can normally tell which files have been hacked by the fact that there's this dirty, great block of unformatted gumph that makes no sense. And that was because the bad actor was trying to avoid the enemy, automated scans, looking for them by obfuscating the code and hiding it and coding it. And then trying to decode it later down.

The result of this is it looks ugly and humans. It's that. Whereas computers can't really detect what we perceive as ugly code or the big blocks go as easily. Humans are really good at reading free files and going that's the hacked code. So over time, this sort of, there's this sort of half and half scenario where if you, if they'd left the code an obvious skated, then someone's antivirus software would have picked it up by obfuscating it, the antivirus software is less likely to pick it up, but a human is more likely to put it up.

Now we're getting into a scenario where the bad actors are trying to work out where the halfway houses were, where they can not end up with these giant bits of code, but have bits of code that looked like the same as everything else. I came across this a few years ago where I was reading through.

I knew I saw it had been hacked. And I was reading through this code and I glance down this file and I looked for it and I was like, I can't find this hack. It's not in this file. And I went back several times. I went and looked at the file again, and then I realized that where the hack was because it was actually a function.

And it clearly said in the comment, which they'd written in the same style as the rest of the file, this is where we're sending the payload of data to credit card data to the company, dealt with the URL of where it was going. And it was completed full autopilot. Obviously I skipped it about five times, because I wasn't, I was looking for a big block of horrible code. I wasn't looking for. Oh, here's the fucking shit again, beautifully commented. I learned a lot about how they were doing stuff. It was really nice to me, but I wouldn't have I as a person who was glancing, I didn't spot that. And actually the automated virus checks weren't spotting it either.

And because it just looked like sensible, normal code Now the Woodford's article is actually talking about where they've got, where they're not doing it quite as blatant as that, but they're making functions to look as if they should be doing something when they're really doing something else and then pulling in extra data.

And one of the things that they do right at the end, that's quite clever that you find an awful lot on is that they get their data from a PNG file. And you're thinking, hang on a minute, P and G is a picture, but most people don't realize that you can just shove extra data into files like PNGs or JPEGs.

So you can throw in PHP code into that file. You could still load the file up and it will still be a picture, but halfway down, there's just a bunch of PHP code. Now, if you went to a server and you typed in, I dunno, my example.com/my PNG, it would still show you the picture and it wouldn't execute that PHP code.

But if you had some other code on the site and said, Hey, execute the code, that's in this file. Then PHP is pretty good as a passer and goes, okay. There seems to be a load of gum. I don't need to know about it, the picture, but Hey, there's this tag here that says PHP. I, so I'll just process everything in between that.

And it process it from passes out. You'll be amazed how often you find PHP sitting in public uploaded images. So if you've got a website that you let the public upload an image to, there is a reasonable chance that you're going to open up some of those JPEGs and find that there is that in fact, some dodgy code system.

Oh, no chances, all of that be exploited without another exploit in place as well. Yeah. But it's just this article shows how you can just layer these things in, along with hiding things really well.

[01:00:32] Nathan Wrigley: Sorry. I was gonna say,

[01:00:33] Tim Nash: The, the moral of this story is keep everything up to date because when it, when these vulnerabilities are found, if you're getting hacked, then you're getting hacked because your website isn't up to date.

So as glamorous as it is, and when you sing all the fun bits in the code, all of it is really relevant to your average user and the average users who just update them. Yeah.

[01:00:53] Nathan Wrigley: Keep it everything. Yeah. So in, you know, real world scenarios, crime, and all of that kind of thing is often, there's a, there's a real obvious gain, somebody burgles your house and they take a lot of your stuff and it's value.

And that kind of thing. I am never, there's no bit of me, which doesn't always get amazed why these, and I know it's done by robots, and I know it's not individually picking up particular websites, but just curious what your thoughts are. W why, what is the benefit typically for. For this stuff to be put out there.

What are they trying to do? Are they putting Bitcoin miners on your server or are they trying to just lock your content ops so that you pay them a run somewhere? What's the current meaning of it

[01:01:41] Tim Nash: really depends. Yeah. Good old fashioned sending you Viagra spam is still very highly popular.

So just shunting. So you're just using your server to send out as much spam as possible. Okay. Directing traffic around. So taking your sites over so that they can then use your site to push traffic to a different site, whether that's to boost SEO rankings, whether that, or whether that is to do a direct denial of service attack on other people's sites.

Ransomware is fairly low down the list on when hitting websites. That's more about hitting web service. So if you can take the whole an infrastructure, if you can take the whole infrastructure, if you take a website and just say, ha we've changed all your files, then what tends to happen is the person goes, ha.

I have a backup. It's a bit harder when they go, ha I've taken over your entire server and you go up actually get into it. Put the backup on that's a bit more, but yeah. So for websites themselves, ransomware less though, ransomware of your host is a huge potential issue and we're seeing more and more hosts being hit with ransomware.

Yeah. But yeah, I'm afraid. Yeah. Bitcoin mining is a common one. The LOLs is still actually relatively high up on the system. But quite a lot of these people actually, what they do is they will put a buck back to her and she sites for back doors, just another way to get in. So once they put the first vulnerability in, they'll create a second or even a third one and then no, just cell access.

And then, and you can normally see when a site's been parked. And sold because you're you, when you go through the logs, you can I ha I can see the initial entry point there and there, and then Wolf, all of these people suddenly logging in and Chris weirdly criminals now, really working exclusivity.

I'm sure they tell them that it's exclusive, but we did a few minutes. They just sell it as much access as they can. So the people who are doing the initial, getting the things on your server are normally selling and they don't. You have a bachelor's during, after

[01:03:41] Nathan Wrigley: that? Yeah, it does feel to me like it is, this is really the wrong word for it, but it does feel like if you are into internet security and you want to go down black, the dark side way of doing things that there is actually a career in that isn't that, you can genuinely make decent money if you're good at it, which is such a darn shame, you can make

[01:04:05] Tim Nash: decent money if you crap

[01:04:06] Nathan Wrigley: it at that view.

Oh really?

[01:04:08] Tim Nash: Oh, the scripts for pennies. If you in the right place, you can be getting this. You can gain access for pennies. You can. Get enough. Nah, you can make enough that you can make a good living while at being absolutely rubbish and not having much technical announced at all. I guess if you use a Tor browser, you probably have enough right now to make money, which is, sounds like a terrible don't do it as a career move.

I

[01:04:38] Nathan Wrigley: was selling it, yeah.

[01:04:42] Tim Nash: Going

[01:04:42] Michelle Frechette: over all the forms in my head that I have that allow you to upload images and every single one of them requires that you pay me some form of money, so sponsorships or that kind of thing. So if they want to upload images that have that, they're going to have to pay me to do it

[01:04:59] Nathan Wrigley: nicely done Michelle.

That's a good way of getting round. I suspect that if that's the case, it's quite unlikely that somebody is going to pay you to to upload a nefarious image. That's a good way of getting around it. Yeah, just fascinating. I'm always fascinated by this, the back and forth and the fact that it affects all of our lives and it just increasingly, funnily enough, I was trying to book a badminton court earlier.

This has got nothing to do with WordPress, but I was confronted by the fact that I couldn't book the badminton court unless I was using. Yeah. You literally can't book the leisure center facility now, which you have to book now because of COVID and all that. And you have to have the app, they won't do it over the phone that I was just suddenly presented with the fact that good grief, if you're, if you're really not into technology and you, but this is the way you've got to do it with forcing everybody into doing, using technology for everything.

And I'm opening all this stuff. Why don't. And I would imagine that, if my, my parents, for example, had to do the sort of stuff, they would probably have a laptop or something. It'd be terribly out of date because they've got no interest in updating it. I just, just worry about the future. So many people putting horrible stuff out there.

Anyway,

[01:06:12] Michelle Frechette: I had to teach my parents how to use Uber and it was not

[01:06:15] Tim Nash: fun.

[01:06:15] Nathan Wrigley: Oh, what do you mean you like hailing a cab? Yeah. And it's funny, isn't it? Because I suspect that for the likes of you, it would, there was no impediment to doing that the very first time. I bet you, you downloaded the Uber the app the first time.

And within seconds you'd figured out how to do it. But honestly, if I gave that to my people in my life, let's say that it, it would be impenetrable. They wouldn't be able to get past the, let's

[01:06:44] Tim Nash: just

[01:06:44] Michelle Frechette: say I ended up ordering a cab from my location to their location. Like I basically had the pickup and do it from my phone because they just could not understand the

[01:06:55] Tim Nash: concept.

[01:06:56] Nathan Wrigley: Yeah. That's a weird, yeah. Okay. Technology is everywhere. Okay. Let's press on. We've gone through the regular smorgasbord of stuff that I picked out for this week. And I'm going to go on to a bit of a. Which has been given us spy Michelle this week. First one, let me put the screen back on now. I confess I haven't had a chance to read this, Michelle, so it very much is over to you.

You're we're looking at a piece called women in technology, Hazel Quinn. Beau, why is this on our screens?

[01:07:26] Michelle Frechette: This is our screen. So one of the things that I love about LiquidWeb is that they highlight women in technology that work within the liquid web company and brands. And I was just, oh, there's Hazel.

She says, hi. I said, so Hazel is one of those people that I get to work with. And we knew each other just through Twitter prior to this. But Hazel is just absolutely delightful. She knows her stuff. And when we get together in the same room, the ideas that generate back and forth and the synergy is just amazing.

And I assume that because of the kind of person she is, she has that with a lot of people. So when, when you put, when you put into the show notes are there any articles that you want to post, to point people to what's relevant in your world? Right now, this just landed on the blog last Friday.

And I absolutely wanted to take the opportunity to highlight Hazel.

[01:08:26] Nathan Wrigley: Oh, but Hazel isn't quite as isn't the same velour as this right now, but Hazel is a sort of slightly redder color

[01:08:35] Michelle Frechette: and I had the same hair color. Oh

[01:08:37] Tim Nash: yes. Yeah. Oh

[01:08:39] Nathan Wrigley: that's nice. So it's this particular blog feature. Is this a bit like.

Rhopressa where they just pick out people from their own company. And until you tell you why they are such remarkable people

[01:08:52] Michelle Frechette: more than that, it's so a specific, they, they, highlight a specific woman every, every month and they assign a writer and the writer interviews you and then puts together this piece that makes you sound amazing and highlights all of the things that you do.

And, when you get to read about these other women who are making great strides, and one of the questions, when you get a chance to look at it, one of the questions is, what do we think of as the future of women in technology? And I love going back through this part of the blog and looking what other women see as the future of women in technology and the bright hope that there is and the legacy that we hope to leave for other women to have an easier path into different technological careers than we have sometimes had to fight to get to where we are.

And so it's just wonderful. And being able to to work with women like Hazel, it just absolutely, people ask me all the time and they still do, when give WP was acquired. It has it been okay because everybody worries that, that take that's to take over kind of thing.

And it has been nothing but joyful because I still get to do exactly what I do with give WP. But now I'm within a larger organization that puts me in touch with people like Hazel on a regular basis. And this is just, talk about it.

[01:10:16] Nathan Wrigley: Yeah, that is nice. On fourth, my little, oh no, maybe it'll work.

Maybe I have to click that. Oh, there we go. There we go. I can make it up here. Look. Oh, shocks. Michelle knows how to make a girl feel special. Agree. LW is all sorts of fantastic LW, liquid web. I'm guessing. Yeah, we spoke about that. Didn't we at the time, and there was all sorts of incredibly bizarre, unexpected from my point of view benefits that you accrued through the acquisition and sounded, it sounds like it's all working out really well for you.

That's lovely. You put two pieces forward for us, then you put another one which is. On your home territory, if you like the gift side of things.

[01:10:55] Michelle Frechette: Tell us about this. Yeah, the last time I was here, I got to talk about that we have texts to give now with give WP. And we have people who are using texts to give, which is wonderful.

And there's lots of opportunities within a nonprofit organization to use that specifically, if you're having an event and people can't just like whip out and go to a website, now they can use the text to gift, but peer to peer fundraising is coming very soon. It's in the final stages of testing.

We're going to see it very quickly. But what it does is it allows you to have people create donation forms on behalf of your organization, within your organization. So think of it like a little bit of um, like WordPress and give meats. I can't think of the word, the fundraising thing, right?

Yeah, something like that. So let's say that you are running or you're putting together a 5k and you ha and Nathan wants to run and he wants to raise money for your 5k. You think you can go to your website, spin up a donation form on your website to raise money for that 5k under his name.

[01:12:00] Nathan Wrigley: Oh. So I can proxy the fundraising for you. So I can just autonomously re fundraise for something that you're doing without your permission. Even I could just say, oh, I just want to give you a, I just want to give you a headstart.

[01:12:15] Michelle Frechette: You will have to, there's permissions on the back end, right?

So you can spin up a S a P you know, but somebody, on the admin side will have to say, yes, we approved this form to go up on our website because you want to make sure the language is proper and all of those kinds of things. So you still want to have some levels of control. But it's really going to make things easier.

So we saw with the last word fast that we did peer fundraising. So I had, 24 days of artwork and I raised over with Jessica Frick, we raised over $500 during 24 days for word Fest. And that was done with give WP, but using gravity forms to pull it all together and then how's it on the site.

This is going to be without having to use a third party like gravity forms or ninja forms to be able to do that. So it's going to be its own plugin. It's going to work seamlessly with give WP and it's going to make it. People are constantly asking us, we're having a golf tournament. People want to be able to put together their foursome, raise the money.

We're having a chili cook-off and we want to make sure people want to be able to create and have it not having to submit and have somebody create the form on the backend is just going to make life so much easier for all these nonprofits who want to be able to do that peer to peer fundraising like that.

[01:13:28] Nathan Wrigley: That's really cool. Can I just say that you, you said something which I've heard in film so many times you said chili cook-off folks over this side of the Atlantic, we don't, we have no idea what that means. What is a chili cook-off

[01:13:42] Tim Nash: do you

[01:13:42] Michelle Frechette: have like bread pudding cook-offs or something? I need Yorkshire pudding cookout.

[01:13:46] Tim Nash: I don't think we do.

[01:13:49] Nathan Wrigley: Do we have that.

[01:13:51] Tim Nash: No, we do things like the largest carrots. And

[01:13:55] Nathan Wrigley: it's just a simple, large carrot. Keep it easy

[01:14:00] Michelle Frechette: chili cook-off let's say we have fairs and things like that. Here's right. And so chili cook-off would be, everybody creates their own version of what chili is to them.

And then you have. Testers you say you have judges, that'll go through and they'll taste every single one and proclaim that one is the best.

[01:14:16] Nathan Wrigley: Oh I think we've stolen that idea and created a show called the great British bake-off where people, people create cakes and then you know, there's a great deal of.

Close and rending of teeth or the other way around. Yeah. So it's a thing, it's a thing on this side of the electric as well. Okay. That looks really cool. Yeah really nice. Obviously my sort of slightly foot in mouth moment earlier where I said, yeah, anybody can raise money for anybody. I guess you've got to give it permission.

Otherwise you might you know, you might have people that you really don't want raising money for you raising money for you, which could be a bit,

[01:14:52] Michelle Frechette: or they might like, misspell your organization's name. So there's some controls on the backend to be able to fix things like that. Add featured images if they don't put an image and things like that.

So you'll still have complete control over what's on your website, but it allows other people to do the spin-up for you so that you don't have to go through and have conversations with people. And it doesn't have to be complex.

[01:15:15] Nathan Wrigley: Right. A couple of extra things. The first one, I don't have a screenshot for.

So I'm just going to pull this, the screen off. Michelle. Do you just want to mention, I think I might do it. And if there's any need to say any more, we can add that in. But Michelle wanted to mention that the word camp, us dates have been announced it's October the first 20. The upcoming October, it's not, like 20, 22.

And I think they're at the point where they're looking for speakers. Is that right? If you go to the website. Yeah. Nope.

[01:15:46] Michelle Frechette: The deadline has passed on that now. Because it's coming up so quickly, right? So here we are. We're building this whole thing in eight weeks, basically. And we're down to like about six weeks

[01:15:55] Tim Nash: of it.

You

[01:15:57] Nathan Wrigley: were involved in that one or you as

[01:15:58] Tim Nash: well.

[01:15:59] Michelle Frechette: I'm one of the organizers for working at USC.

[01:16:02] Nathan Wrigley: So go and check the website out. Sorry. I don't have

[01:16:04] Michelle Frechette: any more. They're available now. That's okay. Tickets are available now. So

[01:16:08] Tim Nash: thank you.

[01:16:10] Nathan Wrigley: Yeah, not by three. We'll be

[01:16:12] Tim Nash: very upset with you. 400

[01:16:14] Nathan Wrigley: pounds off. You wonder what the the point of con the constraint moment is like it's $27.

All right. What about 38 or 92? Maybe

[01:16:23] Tim Nash: I will tell

[01:16:24] Michelle Frechette: you that sponsorship sold out within a few hours.

[01:16:26] Nathan Wrigley: Oh, so good. Well done. Hey, speaking of which, that was a nice segue. Never get that normally. I'm just going to plug something I'm doing, we're doing this page builder summit thing. Yeah. We're on version three.

And if anybody wants to help us out with sponsorship to make it happen, basically, please reach out to me. You can reach out to [email protected] and it's happening in October this year. So it will, nicely just collide probably with WordCamp us. So it looks like Michelle will, we're going to be running, drawing, because you've got them all already.

But if you are page, but with summit version three, we are, we're doing it a little bit later than WordCamp us. And I guess a week or 10 days or so later. But if you're interested in sponsorship, reach out admin at, to Pagebuilder summit.com and our show notes, Tim didn't add anything, but I'm going to open the floor to him and he can just decline and say, no, I've got nothing, but Tim, if there's anything you want to mention that you're doing this week, this month, something that you want to plug feel free to go forward.

[01:17:30] Tim Nash: No, I'm on holiday. Oh, nice.

[01:17:34] Nathan Wrigley: They're the best things. In that case, I will say one thing which I want to get your two's opinion on I'm thinking of buying a standing desk discuss, is that a good idea or is that just stupidity? I want to get one of those desks that moves up and down, the kind you ever done that you ever done.

The standing desk

[01:17:56] Tim Nash: thing. So I have a version of this it's

[01:18:02] Nathan Wrigley: called boxes, right? So you just literally put the, you put boxes on top of the table until it's high higher. Okay. Yeah. Yeah. Okay. I did think about boxes and I did, because my table is like basically hardwired into my room. It's one of those kind of pre fitted things.

And I can't really do much job bout it. And then I saw this thing that you can plunk. It's a Kickstarter thing. So it's a bit of a posh box and it comes in three flat-pack things and together they make this sort of a frame and things can stand on it. But I just thought, you know what? I sit in this chair too long and as well, you've probably all seen my chair.

My chair is not the kind of chair that anybody ought to be sitting in. It's a quality there it is.

And I was thinking I need to stand more and it would be a bit like me putting on a few laps of the circuit each day, just by standing around.

[01:18:55] Tim Nash: I would say maybe a chair is an improvement.

[01:18:59] Nathan Wrigley: This is the chair. This is the chair, which works. Honestly, I've had this conversation. There is a nice chair.

Like I've just touched it. There it is. And I hate it. It makes my back hurt. This beauty does. It's just sit in this all day and the occasional shuffle where I just have to realign things. I'm

[01:19:20] Michelle Frechette: golden. That chair. That's why. Yeah.

[01:19:23] Tim Nash: It's

[01:19:23] Nathan Wrigley: just the perfect. But I feel like even though I've got this nice chair that I I feel like I've seen, I see people talking about getting a standing desk and I think actually that would be good for me just being on my feet all day might be a good thing.

Not for everybody. But I think the

[01:19:39] Michelle Frechette: opposite, the opposite. So I understand the opposite is technically what I already have, but I need one. What do you mean two reasons? Number one, I have mobility issues, so I can't stand for long periods of time. So standing desk does nothing for me, but I'm only five feet tall.

And so in order to reach the desk at the right height for my hands, my feet dangle, and so that I have to have steps like a stool under the desk to put my feet on. But if I move to the right of the left, then it's not under my feet anymore. So I'm constantly readjusting how I sit at a desk. If I sit comfortable with my feet flat on the floor, then my arms are too high for the keyboard.

And so as somebody who's only five feet tall, I need short desks. Is there such a thing as, could I live lower this best by about three inches

[01:20:28] Tim Nash: there?

[01:20:28] Nathan Wrigley: Isn't the anti box is that you can't like it. It's a trough. You need like a little trough in the desk that you can put them on it.

[01:20:37] Michelle Frechette: When I worked at the massage school, my desk actually had.

It wasn't the kind of does not where it just sets on the ground. It had little feet underneath it. And so one of the maintenance people came in and cut the feet off for me. So the desk was the perfect height. Now, after I left there, I don't know who got stuck with that desk because there probably wasn't anybody else, five feet tall, but regardless I was a happy camper for those couple of years.

[01:21:02] Tim Nash: Yeah.

[01:21:02] Nathan Wrigley: Because most office furniture is like pre-bought, isn't it. And I'm just looking at for example, the table behind you it's, it's got the legs that it comes with and that's the height this I fitted and it's, it is the perfect height for me in this chair, which doesn't move, everything works exactly.

I'm just conscious that I'm not spend eight to 10 hours a day sitting in this chair. I'm just thinking it would be a poor man's way of getting a little tiny bit of exercise. Heinrich says get one. Basically. He really recommends it. Best thing. And Cameron also. Yeah, I love it. Okay. That's it sold?

I'm going to get some books. I was gonna say,

[01:21:38] Tim Nash: get your boxes first, because if you're using the boxes, that will let you feel it and test it. And then if it works, then buy it. Cause it, the only thing I would say is they're incredibly large investment to get a decent one and you need to have one that has a good Mo if you've got a heavy desk.

Yeah. You need a good one. Otherwise, what happens is you either have a hand crank shaft, which just that we'll get your exercise in, but only one arm will get, right. But if you want the one that if you basically you're after the thing that presses the button, and then you want one that goes to various presets and all the fancy stuff you need, that they do come in quite expensive.

So try with the boxes

[01:22:19] Michelle Frechette: versions, they have desktop versions where you can set it on top of your desk,

[01:22:24] Nathan Wrigley: a frame on which I've seen, which I really liked. The look of the only thing is I've got a fairly wide monitor. And I feel that like tapping on the, so I could Mount that onto the wall, but then tapping on the desk as it is at the minute.

I'm imagining that the, the, the minute vibration I get amplified by the boxes or the sudden this thing's going to, it's going to be like watching the. I'll get a little seasick, really first world problems, but I was just interested to know what you thought. The only two comments we've got about it, very favorable and Tim's got his box.

And so there we go. Oh, it sounds good. Thank you. Yeah. Yes, that's right. She wants the opposite. Yeah. You need a saw clear

Ikea

[01:23:06] Tim Nash: desks, nearly all of them have their sort of raising and lowering standards and they're lowering one is really low. The only downside is that you also need to spirit.

Yeah. Oh, then boys, when you raise up your, your four legs and you're trying to even them up to the right Heights. Yes, I've done it fine. And then you watch your mind. What's the

[01:23:26] Nathan Wrigley: coffee slowly go towards the really expensive MacBook pro on the end of the desk.

We really went off piece there, but it was very nice. Thank you very much for that. As always, we do this 2:00 PM UK time. Every Monday, we'll be back here next week, hopefully joined by Paul Lacey. But for this week, we've we've done it. We're going to knock it on the head. I would obviously like to thank both Michelle and Tim for joining us this week.

We on this new platform, we don't have to do the awkward wave because it just stops it straight away. But would you mind for the sake of the album art, would you just give us a wave so that I can I can screenshot that last few seconds. That's perfect. Thank you very much. We'll see you again soon.

Thanks guys.

Thanks.