• @jedibob5
    link
    English
    1494 months ago

    Not as drastic as the headline makes it out to be, or at least so they claim.

    “We acquired Tumblr to benefit from its differences and strengths, not to water it down. We love Tumblr’s streamlined posting experience and its current product direction,” the post explained. “We’re not changing that. We’re talking about running Tumblr’s backend on WordPress. You won’t even notice a difference from the outside,” it noted.

    We’ll see how that actually works out. Tumblr’s backend has always seemed rather… makeshift, so I’m curious to see how they manage to do that. Given Tumblr’s technical eccentricities, a backend migration could probably do a lot of good for the functionality of the site, if done properly. I have my doubts that WordPress’ engineers will be given the time and resources to do a full overhaul/refactor though, so I’m fully expecting even more janky, barely functional code stapling the two systems together.

    • @[email protected]
      link
      fedilink
      English
      674 months ago

      WordPress is built on decades of hacky code, probably more so than Tumblr. I would be shocked if this is an improvement.

      • @Goodie
        link
        English
        284 months ago

        is it decades of hacky code, or decades of battle tested code?

        I haven’t touched wordpress in… many years, but I’ve seen far too many developers look at old code and call it junk… only to break things horrifically when they attempt a rewrite.

        • @[email protected]
          link
          fedilink
          English
          174 months ago

          Hacky.

          Wordpress has a reputation for the most moronic security issues. Especially when it’s built on PHP, which has its own reputation for moronic security issues. And that’s saying nothing about the quality of plugin developers or plugin code.

          I’ve worked on Wordpress sites, plugins, and themes. That was many years ago now, but I doubt it’s changed that much. If anything, it’s mostly benefited from improvements to PHP.

          • @[email protected]
            link
            fedilink
            English
            154 months ago

            Has to rank as one of the most exploited pieces of software ever.

            Definitely be not aided by the fact it’s targeting an audience without the skills or knowledge to adequately configure, maintain and monitor it. And the plugin community only makes the vulnerability exposure worse.

            • @[email protected]
              link
              fedilink
              English
              44 months ago

              Yup. I imagine a lot of users install a lot of plugins they don’t actually need, which just expands the attack surface.

            • @webhead
              link
              English
              24 months ago

              Kind of the old Windows vs Mac problem though. It gets so many exploits because it is so ridiculously popular. No one is going to bother looking for exploits in shit that no one uses right? I’m sure they’ve got problems like any project but I’m not convinced they’re THAT bad. Not to mention a lot of exploits you see are plugins doing dumb shit, not WP itself.

        • @chilicheeselies
          link
          English
          64 months ago

          Both honestly. Very spaghetti, but noone can deny that it just works from a user perspective. Would I want to maintain the code? Hell no! Do use it as an end user? Hell yeah!

          • @[email protected]
            link
            fedilink
            English
            14 months ago

            Nah, not touching that with a 10’ pole. There have been far too many exploits for me to feel comfortable putting any of my important data on it. And it’s not just that it’s popular, the level of sophistication for these attacks are… alarmingly low.

            • @[email protected]
              link
              fedilink
              English
              14 months ago

              It’s a public site that’ll be backed up regularly, what kind of important data would you be putting out publicly?

              • @[email protected]
                link
                fedilink
                English
                14 months ago

                If it’s an e-commerce site, than people’s payment info, name, and address. If it has a login, then their login information (which they’re most likely reusing elsewhere). Even if it’s just a static site, than any data that might be hosted on the same server.

      • Eager Eagle
        link
        English
        13
        edit-2
        4 months ago

        my thoughts exactly. Who in their sane mind sees WordPress as a solid foundation for anything?

        you must be truly desperate to come to me for help.

        Loki WP

        • @Peepolo
          link
          English
          74 months ago

          Most large publishing companies, the white house and various government departments all use WordPress for their main sites. Its the third party integrations that cause security issues, not the core code.

            • @Peepolo
              link
              English
              2
              edit-2
              4 months ago

              Indeed, but using poor ones or not keeping them updated is what causes the wrong opinion that WordPress isn’t solid.

              30% of the most popular 1000 websites are built on WordPress supposedly.

              • @[email protected]
                link
                fedilink
                English
                14 months ago

                Sure, and who is vetting the plugins? How often are unmaintained plugins replaced in those popular websites? How quickly are vulnerabilities patched and applied?

                The whole thing is easy to set up, but unlikely to be properly maintained.

      • @jedibob5
        link
        English
        44 months ago

        Not as familiar with WordPress, but if that’s the case, yeah, I don’t have high hopes for this going well…

        • @Woovie
          link
          English
          34 months ago

          Every comment in this thread might as well be hearsay. I wouldn’t take it too seriously. I think I’ll trust the corporation that runs wordpress.com and maintains the open source WordPress project instead to know what they’re doing with WordPress.