As a WordPress obsessor, I jumped at the opportunity to not only attend WordCamp Detroit but also help plan it. Months of work finally paid off on November 12th and 13th where 250 WordPress lovers spent two days at the Detroit Renaissance Center and listened to speakers who flew in from all over the US (and Canada). As a self labeled "expert" I didn't expect to learn much, but I was wrong. Here are some of my key takeaways:
Sam Cohen, Local Development
- It's time to stop cowboy coding (ie: editing sites directly off the file server)
- Instead develop your site locally using XAMPP, MAMP, WAMP or my favorite InstantWP
- Use RAMP to deploy content from dev to live environments
Chris Ross, Free is Not A Business Model
- In business school, they teach you that "Free is not a business model." With WordPress, it is.
- WordPress allows you to make money by giving things away for free.
- Make free plugins and charge for support
- Make free plugins and get freelance gigs (to customize)
- Ask for donations
- Write / publish free content and get donations or ads
- Write / publish free content and make affiliate sales
- Google is now notifying site owners that they need to upgrade WordPress (through Google Webmaster tools)
Wally Metts, Communication
- An adjective is the enemy of the noun. Avoid adjectives, use stronger nouns.
- Active writing means using better verbs.
- Vivid writing means using better nouns.
- ie: don't use "they made a decision" use "they decided"
- When communicating "unpad" everything. Remove meaningless, doubled and inferred words.
Matt Lincoln Russell, Online Communities
- Forums are still one of the most popular methods of online socialization
- The typical forum design does little to engage the user, they are complicated and overwhelming
- Some forum solutions (like Vanilla) try and simplify the forum process
- Getting forums started is the hardest part
- Eventually people will police and moderate your forum for you
David Wilemski, WordPress Security
- A large part of keeping WordPress secure is being "less hackable" than everyone else
- Most attacks are not targeted (attacks try thousands of WordPress sites, looking for the most vulnerable.)
- Common vulnerabilities:
- Privilege escalation
- SQL Injection
- Some easy fixes:
- Change your WordPress table prefix
- Rename the "admin" account
- Use SSL in your admin
- Use 755 file permissions for for directories and 644 for files
- Use the wp-config.php secure keys
- Limit login attempts (or login via specific IPs)
- Be prepared backup regularly, including:
- When hacked, clear and reinstall (there could be hidden hacks)
Having used WordPress since 2006 I didn't expect to learn new things, but the community continues to impress me (or maybe I'm not as smart as I think.) I often go to events such as WordCamp for networking and opportunities, not for education. However there are so many smart WordPress experts willing to share their knowledge for free. Additionally, WordCamp Detroit demonstrated the breadth of the WordPress community. The best presentations were not about core WordPress functionality, rather the surrounding topics of being a website owner, developer, designer, etc...