Feb 9th, 2014 | Miscellaneous
Many years ago I learned of this pearl of wisdom shown below. I don’t know when or where I learned of it or who might have been known to say it, I don’t remember if I read it or was told of it by someone else, and I don’t remember it’s exact wording either.
But I do remember its essence. And I have found its essence to be a rather consistent evaluator of the character of people, so I’m paraphrasing it here for your consideration:
Notable people talk about ideas.
Regular people talk about events.
Trivial people talk about – other people.
Feb 8th, 2014 | Programming, Software
It occurred to me recently that while intuitively obvious to many the concept of “Software Quality” is probably something never actually studied by the average developer who doesn’t have a formal computer science education.
Yet understanding software quality beyond intuition has been extremely helpful to me over the years as a programmer and software architect. And while there are many amazing self-taught developers it’d be a shame for me not to blog about it since I can cover the essence of software quality so quickly.
A Bit of Personal History
It was back around 1988 I was first learning OOP, also known as “object-oriented programming”. One of the few books avaiable on the subject was “Object-Oriented Software Construction” by Bertrand Meyer, but of the books available I probably learned more from it than any other. I’ve learned an amazing amount since but it was from that book I learned many of the foundational principles I still use daily as a software architect.
I still think most of what was covered in the book’s 2nd edition is relevant. If you are interested in reviewing it to decide if you want to read it I found a copy online but you can buy a used one for US$0.01 on Amazon.com
The External Factors of Software Quality, Named
The first chapter in OOSC covers Software Quality. To explain the concept Meyer simply defined numerous related terms, which he called “External Factors”, and wrote a few paragraphs about each. I’ve edited his definitions slightly, for brevity, and I’ve included them here as your crash course in software quality. Enjoy!
- Correctness - The ability of software to perform its exact tasks, as defined by its specification.
- Robustness - The ability of software to react appropriately to abnormal conditions.
- Extendibility - The ease of adapting software to changes of specification.
- Reusability - The ability of software elements to be used to construct different applications.
- Compatibility - The ease of combining software elements with others.
- Efficiency - To place as few demands as possible on processor, memory and bandwidth.
- Portability - The ease of transferring software to different computing environments.
- Ease of use - The ease with which various people can learn to use software to solve problems.
- Functionality - The extent of possibilities provided by a system.
- Timeliness - The ability for software to be usable when or before its users need it.
- Verifiability - The ability to detect failures and to trace errors during operation.
- Integrity - The ability of software to protect code and data from unauthorized access/modification._
- Repairability - The ability to facilitate the repair of defects.
- Economy - The ability of a system to be completed on or below budget.
Take these terms and commit them to memory. And when building software ask yourself “How does my software fare with respect to these factors?” If you can answer that your software fares well then you can rest easy in knowing that you are probably a developer who builds quality software.
As a side-note, after having learned OOP in the late 80’s I’m still surprised when a professional WordPress developer says, in 2014, that “I don’t really understand OOP.” Time to get with the program, I say!
Feb 1st, 2014 | Opinion, Technology, Web
As someone whose entire career has been involved with technology platforms, and specifically programming platforms in some form or another, it’s clear to me something which is obvious to most patient observers: that adherents of a particular technology platform tend to become very “religious” about it.
Advocates of specific a technology platform are known to rather vigoursly proselytize and defend their technology platform of choice, and they are also known to call out “blasphemy” (as they see it) against their technology platform. I guess it’s just human nature to gravitate to concepts and communities and to then defend them from perceived outside attackers. I myself have at times been among the technology platform devout over the years though I do try my best to keep it in check.
But I’ve noticed that the concept of RESTfulness in Web APIs has a religious tenor that is beyond what I’ve observed elsewhere. This post’s goal is to explain what I’ve perceived. As you read, note that I make several points along that way that seem to unrelated, but I bring them together at the end.
Many technology platforms, while possibly having a single founder are promoted by companies and over time their marketing and promotion tend to minimize the founder’s visibility among its adherents, such as Windows, Java, .NET, Zend Framework, Sitecore and ExpressionEngine to name some commercial examples.
Yet other technology platforms have a single visible founder and they tend to be open source, for example: Linux, PHP, Python, Ruby on Rails, Drupal and WordPress to name just a few.
Like these mentioned open-source technology platforms REST also has a well-known founder Dr. Roy Fielding who named and defined REST in his chapter 5 of his doctoral thesis, titled Representational State Transfer (REST).
Architectural Style vs. Platform
Now if Dr. Fielding reads this post I’m sure he would first object to my associating REST with Platforms; he has made it clear on numerous occassions he considers REST to be an Architectural Style and not a Platform.
That’s fine and I don’t disagree in the least, but I’m associating them because they share at least one (1) attribute. Few (if any?) architecture styles have emerged that are the result of one man’s PhD definition, as I’m far as I am aware. And that has ramifications that caused REST to be treated by its adherents more like a software platform than a lower-level architectural style.
Requirements and Constraints
Unlike most technology platforms which are often not focused on the rules of how to use it properly, REST is instead a prescription for the requirements and constraints a system must follow. In other words its about both what you must and what you cannot do (in order to be considered RESTful).
Potential critics of this post might point out that that is the point of an architectural style. But this style has an engenered a level of religious fevor, similar to that seen around technology platforms that I’m not aware any of other architectural style receiving, at least not lately.
The Good Book
And this prescription for must and must not is where REST starts to look a lot more like a religion than most technology platforms. The Torah, the Bible and the Koran, for example, they are all written works that prescribe correct and incorrect behavior among their faithful. Similarly Roy’s thesis defines what is and what is not correct among the REST faithful.
God and the 10 Commandments
While most technology platforms that have a visible founder see the founder actively involved in evangelizing, writing about, and shepherding their platform on an ongoing basis, Dr. Fielding has pretty much been an absentee founder. In the earlier days of the web he was active on W3C and related mailing lists, and he wrote a seminal post clarifying (especially in his reply to comments) that “REST APIs must be hypertext-driven” But since then Dr. Fielding has been conspiculously absent when any of the debates regarding the application of REST have emerged.
In many ways Roy has been for REST like the God of the Old Testament; he spoke to the people in the early days and wrote his “commandments” in the form of his thesis, but since then the faithful have only had his thesis and that one blog post to clarify the meaning of REST.
Disagreement and Debate
Today, fourteen (14) years since Roy’s thesis and six (6) years after his seminal post on REST disagreement and debate rages on regarding RESTfulness and Web APIs, its relative usefulness, the level of RESTful purity required, and especially as it relates to one specific constraint; HATEOAS.
I’d link to specific debates but there are so many yet few epic or seminal debates so it’s hard to pick just one. But I can link to several conferences and mailing lists where you’ll find these debates and mentions of REST-related debates on blogs across the web:
The primary things you’ll find among these debates is disagreement on the role of hypermedia and an assertion that permeates much of the dialog among the most fervent being that most other people building APIs “don’t get it” and “are doing it wrong.” On the other hand there appears to be very little agreement on how to do it right, at least when it comes to specifics.
I will say that I do tend to agree with those debating that most people do not get it and that they are doing it wrong because parts of REST are not easy to fully understand so it’s very difficult to be sure of what exactly “right” is. And why is that?
It boils down to this. There’s little disagreement about who gets to define REST; everyone (I know of) points to Dr. Fielding as being authoritative and his writings canoncial. REST was defined by this one (1) man who wrote down it’s specification in an academically defined manner sans examples, and then briefly clarified it in one (1) blog post with follow up replies to questions for about two weeks after.
Since then the REST faithful have been left to interpret what REST means on their own much like the process of Exegesis related to religious texts.
And like religious movements, REST has a good many people who have taken it upon themselves to explain the meaning of The Good Book and the intentions of it’s founder. Without Fielding actively participating and making judgements on these debates who has the authority to declare who is right and who it wrong?
Imagine if God had decided to hang around all these years and intervene on the topic of religous debates? Imagine how much less contentious religion would be?
In that vein, I leave you with this joke from Emo Phillips as hopefully an appropriate analogy:
Once I saw this guy on a bridge about to jump.
I said, “Don’t do it!”
He said, “Nobody loves me.”
I said, “God loves you. Do you believe in God?”
He said, “Yes.”
I said, “Are you a Christian or a Jew?”
He said, “A Christian.”
I said, “Me, too! Protestant or Catholic?”
He said, “Protestant.”
I said, “Me, too! What franchise?”
He said, “Baptist.”
I said, “Me, too! Northern Baptist or Southern Baptist?”
He said, “Northern Baptist.”
I said, “Me, too! Northern Conservative Baptist or Northern Liberal Baptist?”
He said, “Northern Conservative Baptist.”
I said, “Me, too! Northern Conservative Baptist Great Lakes Region, or Northern Conservative Baptist Eastern Region?”
He said, “Northern Conservative Baptist Great Lakes Region.”
I said, “Me, too! Northern Conservative Baptist Great Lakes Region Council of 1879, or Northern Conservative Baptist Great Lakes Region Council of 1912?”
He said, “Northern Conservative Baptist Great Lakes Region Council of 1912.”
I said, “Die, heretic!” And I pushed him over.
P.S. Credit for Inspiration
This entire post was inspired by Nick Kallen’s comment on Roy’s blog post about REST and hypermedia. His comment starts with this (emphasis mine):
I had a hard time with the writing in this article; I don’t normally perform exegesis on blog posts. Am I interpreting this correctly?
Jan 22nd, 2014 | Opinion, Personal
Once again I’m blogging on a topic I’ve previously spent much time covering in email replies. So rather than compose that email reply yet again I’m blogging it for today and for future reference.
Thanks for offering to guest blog or advertise; forgive me though but I’ll have to decline.
Or, If You Want to Know Why:
First, thanks for offering to write a guest post here on my blog, or to pay me to advertise here. I’m honored. But pursuing either of those opportunies is not consistent with my purpose for this blog.
I Blog for Myself
While I do obviously blog, I don’t consider myself an active blogger and I intend for all posts on MikeSchinkel.com to be written by me. My blog is for:
- My opinions when I get inspired to attempt to persude on a topic,
- To write posts about information I want to remember or refer back to later, or
- As in the case of this post, to refer people to read instead of writing the same email reply repeatedly.
I’m Not Interesting in More Blog Traffic
I don’t add content to this blog with a goal of generating more traffic, except for when I’m trying to persude and then only from those I’m trying to persude.
Plus I’d prefer to get fewer comments rather than more because each comment I get generates a “todo” which if I’m going to answer should be answered in a timely fashion. Even though a guest post wouldn’t require writing on my part, I would have a follow-up obligation to answer comments on the post should the author not, since it’s my blog. These would all become “urgent” todos even though they would almost certainly not be important in the grand scheme, they would still compete for time with my “important” todos that I constantly struggle to find time for (see urgent vs. important.)
For Me, Integrity Trumps Ad Revenue
As for advertising, if I started including advertising then people would immediately assume my goals for this blog are to generate revenue and that might call into question any position I might take on the blog; i.e. was I being paid for my opinion? Since my integrity is far more important to me than any small amount of income I might get in ad revenue I say no to any and all advertising on the blog portion of MikeSchinkel.com.
Including One Means Others Will Expect It Too
Let’s say I allowed one person to guest post or allowed one advertisement on my blog. As soon as I did I’d open myself up to be asked constantly to allow it to happen again, and then I have to craft a personal reply explaining why I said “yes” before but “no” to them. Better to just always say “no” and then nobody’s feeling gets hurt and I don’t have to spend time explaining.
Guest Blogging Begets Confusion
Although this may not apply to other blogs, my blog doesn’t have a design that would make it clear that a guest post wasn’t written by me and people might assume I wrote it. Worse, if the guest post was controversial people think I wrote it could result in a negative fallout for me. But the most obvious thing likely to happen is simply that people will start contacting me in comments, on Twitter or via email for clarification or to offer more guest posts, and that would all translate into more unwanted “todos.”
Bottom Line: I Appreciate the Offer, But No Thanks
And yes I know I’ve had this domain for over a decade and yes it’s probably got traffic and Google visibility that a site launched on a new domain today would covet, and some people see that as a waste of opportunity. But it’s my blog and that gives me the option to choose what gets published here. And I’ve decided I want to keep it non-commercial and only include posts written by me.
I thank you in advance for your understanding.
Jan 6th, 2014 | Opinion, Web, WordPress
Well, that was an incendiary title. On purpose.
Now that I have your attention, let me say that I don’t literally mean “stop blogging”, I mean to object to the meme that seems to have overtaken the zeitgeist of too many lately. The “You Should Blog Every Day” meme. Here are some of it’s advocates:
As an aside I think somehow the folks at WordPress.com must have used subliminal messaging on their platform to encourage blogging addiction and thus, for them, revenue growth. But I digress…
What’s Wrong with Daily Blogging?
If you’ve read (any) of the posts above you’ve read glowing prose about how and why you should post daily, but none of the counterpoints. Just as we wouldn’t appreciate our neighbors leaving their trash bags on their lawn why do so many people champion other people to churn out non-stop pablum? Where in anyone’s good book has this endeavor been canonized as a virtue?
Daily posts are rarely more than opinion, and from what I’ve seen are usually without significant research, or links to related information on the topic. After all, who has the time for any of that when posting daily?
Adds High Noise, Low Signal
Publishing daily adds to the total amount of information out of them web. Let’s just say only 1% of US Citizens, let alone the rest of the world followed the “Blog Every Day” meme; together they would produce 1 trillion posts/year! Do we really need that much more low-information content to contribute to overload on the web?!?
More is Not Better
Daily posts focus on volume and not excellence. Unless you are one of those extremely rare prolific individuals who can be blog daily and write high quality content (and those people are usually known as “professional jounralists”) then posting daily is just setting one’s self up for #fail.
Not that you won’t be able to successful at daily posting, you might, but is daily posting really more beneficial than writing a much higher quality post less frequently?
No Time for Greatness
Similar to the previous, people who blog daily set themeselves up on a treadmill after which they’ll likely never have time to write a truly epic post. Some of the best and most valuable posts I have read on the web have been long form posts that clearly took more than a day to write. Few daily post ever gain continous linkage, at least not from what I’ve seen.
Why Should You Not Want to Blog Daily?
Besides the reasons above not to blog daily, what about selfish reasons for not blogging daily?
Busy People Will Tune You Out
Although I can’t say it’s a completely valid indicator, busier people seem to be the ones who accomplish more. As such, they are a higher value audience most of the time. If you post daily you’ll likely overwhelm people who want to consume your content but simply cannot handle the volume.
Expect More of Yourself
The first question to ask yourself is “What else could you be doing with your time?” If you spend only an hour a day blogging that’s over 9 weeks full time for a year; could you not achieve something better than a slew of blog posts?
If you are a programmer, for example, why not build and release an open-source project? If you are venture capitalist, why not take more meetings with entrepreneurs or use your network to help your existing investments more? If you are a social media maven (really? seriously?) maybe you could use your time to research all the emerging tools for tracking and analysis.
In other words, envision a BHAG project you could complete rather than just writing a new blog post every day. If John F. Kennedy had rallied US citizens around all journaling daily instead, would we ever have ever made it to the moon?
You Are Competing with Millions
If you are blogging about anything that is not highly unique, you are competing with millions.
Consider if you were paid your effective hourly rate for the time you spend blogging; would you invest that money in lottery tickets if you had it in your bank account? If not, why would you compete for the attention of people against so many others who are blogging too?
Life is Too Short
One of the mantras regarding daily posting is that you have to train yourself and develop discipline, which means that for most people blogging daily is just not fun. Why put yourself through that unless you are really going to benefit greatly from it?
But What About the Benefits?
Reading through all of the posts listed above about why you should blog each day it seems that the primary benefits stated are these, paraphrasing of course:
- Increasing your blog traffic
- Readers expect it
- Developing habits are a key to success
- Establishing yourself as an expert
- Exercising your “Writing Muscle”
Let me tackle these one-at-a-time, in reverse order:
Exercising your “Writing Muscle”
That’s probably the best reason listed, and I agree. Except.
If it is really important to you to become a better writer, then yes, write every day. But you don’t have to push the “Publish” button, at least not for your public blog. Here are strategies that you could use instead that would excerise that muscle just as much:
- Write a portion of a longer blog post, and do it every day.
- Create a Facebook page and write posts for it daily.
- Write a private journal daily. If you really need/crave feedback, invite friends to access it. But publish your best work less frequently on your blog.
Establishing Yourself as an Expert
This is another good reason. But a weekly blog can be just as successful at establishing your expertise, if not more so.
Look around at some of the leading experts you know via their blogs; how many of them blog daily? I’ve listed at least one below, Mark Suster. His expertise is well established, but he doesn’t blog daily unless he has something to blog about.
Developing Habits are a Key to Success
Agreed. But do you really need to blog daily to develop habits? Aren’t there other habits that can generate a better return in your life? (exercise, to name one?)
Readers Expect It
Sorry, this is just rationalization as far as I’m concerned.
When I was young my father told me:
“Don’t worry what other’s think; they think about you about 1/1000th as often as you think about yourself.” Similarly, most people don’t wait with baited breath for you to generate yet another post.
As for the few people who do tell you they wanted you to blog more (search for “Loyal Readers Crave More Content”) they are just feeding your confirmation bias compared to the majority of your vistors.
Increasing your Blog Traffic
Really, it comes down to this.
Yes, blogging daily is about driving more traffic to your blog, nothing else. And sadly, it works.
If your primary goal is to drive more traffic to your blog but not necessarily higher quality traffic, and the other reasons for not blogging daily are of no concern to you then more power to you. Just please don’t try to fool yourself or convince others that your daily blog ritual is for any other person than yourself.
Sorry to be harsh, but I haven’t seen anything that has given me evidence to believe there’s any other reason for it than self-promotion, and in some cases even narcissism. Maybe you can convince me otherwise in the comments below?
Are There Exceptions?
Of course there are exceptions. The ones who should daily blog (well, actually “write daily”) are professional journalists, you know people who get paid to write daily, and especially those who write news stories, which by definition require daily writing.
Also, anyone who generates highly unique content, such as content about their own company’s products or services could possibly benefit from daily blogging, especially if they have internal content developed by others from which to draw upon.
Effectively anyone who is likely to write content that nobody else is going to write could be forgiven for blogging daily. But even then, less frequently per author is better because then they have the time to write higher quality posts.
Information Overload Redux
When I was in college and learning to love programming computers there was one (1) monthly magazine that covered the programming language I was learning at the time. Each month I would read it cover-to-cover several times, and anxiously await the next issue to start again.
Today, thinking of programming for WordPress, I could spend every waking minute reading good quality articles that would be somehow relevant and informative regarding my current chosen professional. But to find the good articles I’d have to sift through the other 90% of that were published just for publishing sake, the ones that are little more than noise.
Simply put, blogging daily exponentially increases the amount of noise on the web. And that’s really not good for (the users of) the web, or humanity.
Bloggers I Wish Didn’t Post Daily
Speaking of daily bloggers, here is a short list of people who I really respect and admire and who I would love to see write some truly epic posts inspired by their knowledge and experience. Unfortunately each day I find a typically a mediocre post albeit occasionally a few almost good ones. But (almost?) never do these people product really great posts.
Fred <@fredwilson> is known as the VC who has funded some of the most visibly successful Internet startups in the past decade. He blogs daily, and I get an email containing his daily posts. Given his daily blogging schedule and all of his other obligations and evident success, I am constantly amazed at how good his posts are.
But more than being amazed, I’m also disappointed because he never blogs long form or in-depth. I know he has great knowledge and experience to share, but I never really feel like I’ve learned something after reading Fred’s blog posts, I just feel like I’ve been kept up to date.
Now Fred’s blog has generated an incredibly active community of commentors. Many of the frequent commentors are well-known and successful people in the startup world, but I constantly amazed at how much time these people can spend commenting on Fred’s blog in a day. It flabbergast me, frankly.
Fred’s blog uses Disqus for commenting, a company he has invested in but one where I find product usability very lacking other than I do really like the ability to edit the typos in my comments, which you can’t do on most blogs. The reason I mention this is that as soon as I comment on Fred’s latest blog I am inundated with about 250 emails that day because Disqus emails every me comment, not just replies to my comments, and Fred’s blog overflows with comments. This is clearly good for Fred’s personal branding and provides him with a posse of people he can ask for help, but then if Fred wasn’t an uber-successful VC I doubt he would get the same following from his daily blog.
After all, people are attracted to where the money is…
David <@davidcummings> is an incredibly talented individual. He’s a “local boy done good”; he built and then in late 2012 sold Pardot for $90 million to ExactTarget, which was then sold to Saleforce.com. Almost immediately after be purchased a 100,000 SQFT building in Buckhead, Atlanta’s prime real estate market, a.k.a where old money lives and new money parties.
David christened his new Buckhead facility Atlanta Tech Village, now home to 100’s of startups. He has become a well-known ambassador in town for high tech startups and has receive the attention of the USA Today, the Mayor of Atlanta Kasim Reed, the Atlanta Journal/Constitution, Atlanta’s Creative Loafing, InvestAtlanta, the Metro Atlanta Chamber of Commerce and more.
I think 20 years from now Atlanta will look back at David as the father of Atlanta’s High Tech Industry Boom, or something similar. When I tell people about David who don’t know of him I say his is Atlanta’s future equivalent of Brad Feld re: Bolder, Colorado.
CLEARLY David is amazing, one of the best business thinkers in Atlanta. And he blogs daily, and yes I get an email for every one of his posts. Unfortunately David’s posts are short and rarely ever better than a high-level outline of some topic that he has clearly queued up for the day. I receive his post via email, like clockwork, around 10pm ever night.
David has so much value to share, and he obviously devotes the time to sharing. But unfortunately David’s choice of daily bloggingmeans that he rarely if ever (has the time to) write a really valuable, in-depth post that leverages his profound knowledge, experience and expertise. For example, David frequently mentions the importace of establishing a great company culture but he’s never blogged anything that helps a would-be entrepreneur know how to establish a great culture in a startup.
Such as shame, really.
Tom <@tommcfarlin> is one of the sharpest guys in the WordPress space, if not the sharpest WordPress guy I know personally.
Tom is also incredibly prolific. He blogs nonstop it seems, constantly writes for Envato, he’s written numerous plugins listed on WordPress.org, he gets profiled frequently, he was a partner at 8Bit which used to sell the Standard Theme he helped develop, and he was a contributor to their WPDaily blog, which is no more.
Anyway, I tried to follow Tom’s blog for a while and periodically he had some incredibly valuable posts. Unfortunately they were interspersed with numerous opinion and/or low information posts many of which generated a lot of comments but few if any dispensed any real usable knowledge, at least for me. It’s as if he set himself a goal to write daily, so by gosh that’s what he is going to do.
Sadly, I had to unsubscribe because the noise-to-signal ratio was just so high. And that made me sad, but I had to do it.
Honorable Mention: Eric Mann
I got to know Eric <@ericmann> during the time I was actively involved in moderating and answering questions on WordPress Answers. While I learned that Eric is a very bright WordPress developer with lots of relevant experience and a great ability to explain answers to WordPress questions in writing, what I admired the most about him was how even-keel he was when interacting with others on the web. Never did I see Eric involved in a flameware (unlike me, unfortunately) nor have I ever witnessed him talking down to someone online, a behavior that otherwise runs rampant online, especially in certain open-source circles. Eric really has my respect.
And when Eric blogs a how-to article about WordPress, it’s usually well worth reading, at least for me. I know Eric has interest in writing a novel, and recently it seems Eric has decided to blog every day (if I misunderstood Eric, please forgive.) My criticisms are not of his posts so much as a knowledge he wants to blog daily and I fear we’ll see more quanitity and less quality.
As an aside, it was actually that comment exchange which triggered me to finally write this post rather than just repeatedly think this sadness I feel when faced with the daily blogging of others who blog posts I would love to read, albeit not daily.
Awesome Bloggers Who Don’t Post Daily
Conversely, here are a few of my (current) favorite bloggers. They seem to only post when they have time and inspiration, but their posts are almost uniformly excellent. When I think of these people I don’t think of how much pablum they have churned out, I only think of how much I am in awe of them.
Mark’s <@msuster> blog tagline is “Entrepreneur turned VC” and his experience just exudes from his posts. From my perspective Mark is a VC on par with Fred Wilson albeit he’s not been a VC as long thus he hasn’t had the time to rack up an equivalent number of successes. But like Fred he writes for entrepreneur’s benefit and is clearly not a VC who thinks the best way to win is to take advantage of startup entrepreneurs. Both he and Fred write as if the best entrepreur-VC relationship is a win-win relationship, and that’s why I think both of them has gained so much attention.
Whenever one of Mark’s posts arrives in my email I think “I need to make time to read that, because I know it will be worth reading.” And 9 times out of 10, it is relevant to me and my interests in startups and provides me with significant insight or understanding that I would struggle to find published elsewhere.
Kudos to Mark, he’s my favorite blogger and I would love to have the opportunity to meet him in the future under circumstances where I have something of benefit to offer him.
I don’t know who actually blogs for Price Intelligently <@priceintel> but their posts are almost consistently excellent. They blog more frequently than Mark Suster, which surprises as they are able to keep up the quality, but if you care about optimizing pricing for a SaaS then this a must-read blog.
And I’m really glad they don’t try to do the daily thing.
Contrary to the rest of this post, I really wish that April <@aprildunford> would blog more. I think she’s like me; she’ll get a burst of inspiration and write a few posts, and then she’ll get busy and 6 months will have gone by with no new posts.
I don’t know April well but she’s got a startup marketing blog, and it’s excellent. When she posts.
At Least I’m not the Only One
Finally it seems these people agree with me, at least somewhat:
One Final Takaway
So if you are contemplating the development of a daily blogging habit, please consider this the summarization of the above:
- Choose Quality Over Quantity
P.S. I do get the irony of my blogging on this topic. But since it’s contrarian in nature I think it counts as unique. One thing’s for sure; I could not write posts like this every day.
Jan 5th, 2014 | Atlanta, Personal, WordPress
Here’s an email I got a few days ago from someone I met at a Meetup about 6 months ago:
I have a friend looking for setting up a non-profit website and they want to use WordPress. I was wondering if you’d be able to help with this, or if not if you know of someone you can recommend who does WordPress website design? My friend needs mostly graphics work, but also need help setting up their WordPress site. They already have the logo and the content. Their budget for this is around US$1000.
I get an email similar to the above about once a week on average. It seems I’ve become branded in the eyes of many people in Atlanta as "The WordPress Guy" even though I don’t do what most people think of when they think of "People who do WordPress"; i.e. I don’t design nor do I build WordPress-based websites.
Pay it Forward
But when someone asks for help I really do want to help.
I’d never fault anyone for not knowing that I’m the wrong person to ask. And I also wouldn’t fault someone who doesn’t know how much it costs to hire a WordPress specialist; if someone is not a immersed in the web world how could they know?
No More 1-off Emails
Still, I’ve written a response to this type of email more times than I care to count. Speaking of, a few days ago a blog post by Eric Mann inspired me to stop replying long form to emails and to start writing blog posts instead.
So here goes.
A Custom Website Design for US$1000?
Let’s talk about that US$1000 budget. In the Atlanta area we have over ten (10) Fortune 500 companies and as a result we probably have over 100 digital agencies, all directly or indirectly serving those large companies as well most of the midsize companies in the area. Good graphic designers are in high demand here, and they are used to being very well paid. I’m not sure, but I expect the same is true in most major US cities as well.
For US$1000 it might be reasonable to expect to three (3) design comps for your future website’s home page. But it’s highly unlikely you’ll find a quality designer to generate a custom design for an entire site, encode the design into HTML+CSS, convert the code it into a WordPress theme, install WordPress at a hosting company, research, select and then install the various WordPress plugins needed for the features desired, and finally configure everything, all the while taking input from a client who is likely to constantly question aspects of the implementation. All for only US$1000.
And the previous paragraph assumes you can even find someone with the skill to do all those things rather than needing to find a team or to assemble a team of different skills to build the site.
Of course you might get really lucky and find a student from SCAD, Creative Circus, Art Institute, or Portfolio Center who would be willing to build your website for US$1000, assuming your student has already worked extensively with WordPress as a hobby.
So like I said, you might get really lucky…
What Should My Website Cost?
But what price is reasonable to expect?
Those who build WordPress websites know the "How Much?" question can be a landmine. Quoting a price too early can get a WordPress sitebuilder into hot water. I’ve seen WordPress websites cost between free – self-serve at WordPress.com – and US$500k or more. How can a site builder know how to price a website prior to fully understanding its requirements?
Price really depends on both what the client needs as well as what the client wants/expects. And the latter is rarely consistent with the former. For example, does a divorce attorney’s website really need a Flash-based header showing storm clouds, and lightning strikes on hover?!? (yes, that is an actual client request, no demand, that I heard from one of my friends who is a sitebuilder.)
WHICH IS WHY I LOVE this website price calculator:
It was built by Erik Wolf who runs ZeroG Creative. It walks a wannabe website client through a series of questions that help the prospect understand some of the things can affect price and by what magnitude.
Here are some of the questions:
- "Are you planning on hiring a designer/firm?"
- "How many people will be involved in the decision-making process?",
- "Will your website require eCommerce?",
- "Will your site require social media integration?", and
- "Will you need a dynamic photo gallery that you can update yourself?".
Depending on the options selected Erik’s price calculator generates prices between US$500 and US$16,500, where for $500 you basically get a site and theme installed, nothing more. And for small business websites I’d say that’s pretty close although frankly I’d expect more like US$1000 and US$25,000.
What About Non-US People?
Note those prices above are for US-based WordPress developers.
And yes, you can pay significantly less to have a WordPress site built by someone outside the USA. But it’s also possible that you will pick the wrong person and that person will either not deliver or will deliver something that doesn’t match your expectation after your entire budget has been spent.
Offshoring can work great for certain type of projects if you have the luxury to pay to try numerous people to find the one that really meets your needs. But if you have only enough budget to try one person, your taking a big risk with your money. And you’ll have no recourse if they fail you.
So caveat emptor if you hire your web developer off Elance.
Agency Projects for Large Companies
By the way, if you are trying to determine the cost of a WordPress website for your Fortune 500 employer expect that your site will cost between US$100k and US$500k.
Why the huge difference in price between small business websites and large business websites? In a word, "Expectations."
More specifically, because of their collective need to see exhaustive design variations, their need to allow your numerous stakeholders to control and approve every detail, their insistence that unrealistic deadlines be met, their expectation that every aspect is perfect upon first preview of features, their desire for constantly scheduling unnecessary and unproductive meetings, and their IT department’s insistence upon using a hosting company that has no expertise in WordPress and no desire to learn it.
But I digress.
But Do You Really Need a Designer?
Considering the budget of US$1000, maybe a "Website Designer for graphics work" is not really what is needed. Maybe what they need is a what I like to call a "Site Builder."
A Site Builder is a jack-of-all-trades and master of none, with respect to WordPress. This is someone who can setup a web host, install and configure WordPress, select an off-the-shelf theme and tweak it to incorporate the logo, and finally add and configure various plugins to add functionality such as email signup forms, social media integration and optimization for SEO.
To further illustrate the difference between a Designer and a Site Builder I roughly categorize WordPress skills as one of these where many people having more than one (1), but rarely more than two or three:
- User/Author (Content writer)
- Layout/Graphic Designer (Photoshop)
- HTML Coder (HTML+CSS)
- Themer (WordPress Themes)
- Back-End Developer (PHP/MySQL/Plugin Developer) <– This is me
- and finally Site Builder (Installs/Configures/Adds a Theme and Plugins)
Other WordPress Specialties?
I tend to want to make my lists exhaustive, so in that vein I might as well list these specialties too, for the record:
- eCommerce Specialist - Expertise in online retail and payment processing
- SEO Specialist - Optimizes for search engines
- Security Specialist - Reviews code for security holes
- Performance Specialist - Helps developer improve performance
- Hosting Specialist - Configures servers for high scalability
What are Off-the-Shelf Themes?
Yeah, I threw that bit of jargon in there when I mentioned Off-The-Shelf Themes. If you are not familiar with this term it refers to packages of design and code that you can purchase from 3rd party vendors that, once installed will update the look and feel of your WordPress-based website.
In it’s 10 years WordPress has spawned a large number of commercial theme vendors, more than 100, although the vast majority of themes are probably sold by 10 or fewer vendors.
Look for an Existing Theme.
If you need a website and your budget is small I’d recommend you surf the main theme vendors websites to find a theme you could envision your future site using. If you can find one that meets all your needs, your low budget website might just be able to be reality.
The following list are the theme vendors I know the best, in alpha order (if you are a fan of another theme vendor feel free to list in the comments.):
But Don’t Expect Significant Changes
Please do realize though it is very difficult for a Site Builder, Graphic Designer or even HTML Coder to make more than trivial changes to the look-and-feel of an off-the-shelf theme without a huge expense. Themes can be very complex beasts and it often takes as long for someone to learn how to modify someone else’s theme than it does to create one from scratch.
So please don’t put your Site Builder in the position of having to explain to you why your "simple change" is really a very time-consuming and labor intensive task (that they will have to bill you for, if they will even agree to do it.) Instead, have them explain to you what is easy and what is hard and then only ask them to do the easy (and inexpensive) things. Your willingness to appreciate their efforts will keep them wanting to service you in the future when you need additional support.
Finally, Who Do I Recommend?
So who do I recommend to build your WordPress-based small business website here in Atlanta? Frankly in good faith I can’t recommend anyone. Why? Because I’ve never worked on a team building a small business website before so any recommendations I would make would really just be me telling you who I know.
That said, I can tell you who I know that specializes in building WordPress websites, in the Atlanta area. Here they are, listed in order of how well I know them (note: I believe all of these have minimum fees higher than US$1000):
There are a lot of others I know outside of Atlanta, but most of the requests I get are from people in Atlanta and thus I’m listing those I know who serve my local area.
And yes I know, it’s a potential faux pas for me to create this list as I’ve most certainly forgotten someone; if it was you who I have forgotten please accept my profuse apology and leave a comment with your contact information below.
Friends, Family or DIY?
Finally, if you or your friend cannot find a WordPress specialist to build your website within your budget, maybe you can find a friend or family member who can help? WordPress powers almost 20% of the web so that means you probably already know a friend of a friend at least who has set up their own WordPress website and can help you get your site going. Ask on Facebook, maybe?
If you are a non-profit, as above, maybe you can find someone passionate about your non-profit’s mission who knows how to set up a WordPress site; they might be willing to work for significantly below market rates.
And if all else fails, do it yourself. It really is possible for a reasonably intelligent person with moderate computer skills to install and configure WordPress; it just takes a bit of stick-to-it-iveness and lots of Google searches to figure out how to do it and launch it yourself.
Anyway, hope this helps.
WordPress Platform Architect
- Instead of designing and building small business websites I architect and build products based on WordPress for software companies and agencies. I call myself a "WordPress Platform Architect." My focus is very narrow and as such I don’t develop the experience needed to build websites for small businesses. I can’t help select a theme and I don’t know which plugins work best. And I’m as far from being a designer as any web person has the potential to be. But if you want to use WordPress to implement a complex site and need a specialist to architect if for your team to then perfect, I’m your guy.
Dec 10th, 2013 | WordPress
Post Meta Meeting
Tuesday December 3rd & 10th 2013
Git on BitBucket
- Mike Schinkel
- Micah Wood (wpcholar)
- Andrey (Rarst) Savchenko
- Taras Mankovski
- We built a company’s products
- Platform for building large lawfirm website
- Client didn’t respond well to: "Well we can’t (easily) to do"
Admin User Interface
- Should be able to completely replace metaboxes in admin UI
- Especially Title, URL and TinyMCE editor
- Most common use-case; a single metabox
- Optional "modules" should be able to add to that metabox
- vs. adding another metabox.
- Adding to metabox is not hard with Sunrise architecture.
- For Post Meta Key & Value
- See SQL Query
Field Features Objects
Fields generate collection of HTML elements.
Made sense to create "field feature" class to subclass because all shared so much code.
- Especially useful to output Schema.org valid markup
- Postal Address: ‘postal_address’
- Stored as:
Virtual Field Types
- "Real" types defined by class
- Virtual types based on existing type w/set of arguments.
- Like cascading properties of CSS
Field storage defined by field, themer need not no storage location.
- Meta storage
- Core storage
- Table storage (custom sql)
- Taxonomy (term) storage
- Amazon S3
Dynamic Forms within Forms
- Form Selector Field
- One field could display a form within a field
- Created a ‘form_type’ meta field to control which form type
- Overuse leads to madness
- Should support simpler use-cases
- Repeating should be in core framework, not its own field type
- Complex use-cases should use object/post relationships (hint/hint)
- Minimize nested arrays when initializing
- Separate Declaration from Fixup
register_field() vs. one
- Then there is MVC + Mixins…
Oct 2nd, 2013 | Opinion, Web, WordPress
I was recently added to the WordPress API team and this post contains my thoughts about the recent authentication discussion.
WordPress have a reasonably robust authentication system built in, the username and password system and it would be possible to use it along with Basic Auth to allow for API authentication. Please forgive any typos in advance; this was long and I didn’t really have the time to fully proof it.
Authentication, Identity and Authorization
While Authentication is very important there is also Authorization to consider. Here’s a nice blog post from Apigee on the difference between three (3) terms: Identity, Authentication and Authorization (IMO Apigee are the leading experts on web API design at the moment). In a nutshell here’s what they terms mean:
||What it Means
||Who is making the request?
||Are they really who they say they are?
||Are they allowed to do what they are trying to do?
And as they point out we may not need them all but what we need is the point of this post.
As a side note they say "Take Twitter’s API; open for looking up public information about a user, but other operations require authentication." What this says to me is an API key would be ideal for most read activities but most write activities should require Authentication.
Authorization without Authentication
As much as we need Authentication I think we need Authorization even more. There are some API actions we’ll happily allow anyone to do such as download the list of our most popular posts and we don’t need to authenticate for that, we only need to authorize.
Why authorize? Why not just allow open access? So we can track who we authorized in case, for example we need to rate-limit their usage or even revoke their access.
Let me get this out of the way sooner than later. Anything that requires SSL is a non-starter just as requiring PHP 5.3 for WordPress 3.7 is a non-starter. Need I say more on this point?
However we could allow support for SSL, assuming that for what we implement the SSL and non-SSL solutions are compatible.
Mainstream Options for API Security
Let’s discus the variety of methods for securing an API; some mainstream and some a bit esoteric. Bottom line is that most informed people seem to say "Don’t role your own." So with that in mind I believe we have these options:
||Generally considered the best balanced security option for mainstream web apps where security and ease of interaction for users is balanced. But can be complex to implement, especially on the client end, and requires SSL to be secure.
||Not as good as OAuth 2 but super easy for the client to implement OTOH it is not secure unless SSL is used.
||More secure than Basic Auth but still not fully secure. Quite a pain for the client to implement..
||Well-tested and doesn’t require SSL but is non-standard (ignoring "defacto-" standards) and still requires an API key.
||Very simple for the client to implement and as secure the Capabilities tied to the API key, i.e. if it can only see public data and not update then it’s "secure enough". Fully secure if used with SSL. Assuming users can’t change passwords with the API key then it’s more secure than Basic Auth because user credential are never in a position to be compromised.
(Did I miss anything?)
Given the available options it would seem to me that OAuth 2, Digest Auth and even Amazon Auth are non-starters as a requirement for use of a JSON API in WordPress core because of the complexity each of them heave onto the API client developer, at least if one of these is the option for accessing the JSON API.
Basic Auth vs. API Keys
Which leaves the unsecure Basic Auth and mildly secure API Keys. So review the pros and cons of using Basic Auth – which is tied to the WordPress user’s username and password in the current version of the JSON API – and API keys:
- If API login is compromised then user may loose their account or be made to go through the hassle of regaining access.
- Since APIs access can be automated it’s much more likely that a hacker could capture a username/password on a non-SSL API call (calls might be made continuously) than for a user login (which comparatively happen very infrequently.)
- Can only support one Authorization profile per user account.
- To support multiple authorization profiles a user would need create multiple user accounts,
- To allow another person API access they either need to share their username/password or create another user account for them.
- If API access requires a user account some sites could go from 5-10 users to having 50,000+ users (think of smaller sites like Mashable.)
- If multiple user accounts are required then we’ll need a way to relate user accounts and allow one user account to manage other user accounts.
- API authorization is decoupled from user accounts.
- One or many API keys can be tied to a single user account.
- If API Key is compromised user can login and deactivate it.
- Plugins could easily deactivate API keys if they follow an abuse pattern.
- API keys could be added with expiration dates.
- Sites with a large number of API users do not gain an explosion of regular users.
- Each API Key can potentially support a different Authorization Profile (example use-case: I provide on API key to a social network – the key has limited capability – and use another API key – one that can do anything my user account can do – for an official WordPress mobile app that I use to access my site.)
- Requires what appears to be more architecture
It seems to me from this comparison that API keys are the only reasonable option for allowing JSON API access to much of WordPress. However they are only appropriate for some use-cases and not even as-is they are not as a complete solution. Let’s discuss the rest of the solution for the use-cases in which I think they apply.
It also seems to me that tying API access to users accounts could easily create an explosion of complexity and significant user experience problems as users see their logins hacked by unsecure usage and then are locked out of or even loose their blogs.
API Roles and Capabilities
One of the ways in which API Keys might be acceptable without Authentication is that some things can be made freely available holders of API keys if we add in "API Roles and Capabilities."
Just like User Roles that are assigned a collection of Capabilities we could add "API Roles" that also have "API Capabilities". These Capabilities could be used to determine the Authorization status for each (what I’ll name) an "API Service" when requested.
Note: I’m defining an "API Service" as a URL + an HTTP method (GET, POST, etc.) and I’m calling the collection of Authorizations for all API Services as a "Authorization Profile."
I’ve reviewed the code for the
WP_User classes and I think the first two could be used without modification. If so then we only introduce a
WP_API_Request class. And depending on the opinion of others the
WP_API_Request class could be standalone or the
WP_User class could be refactored to extend from an abstract
WP_Auth class thereby allowing the new
WP_API_Request class to also extend from
We could then decide on a convention that any Capability name prefixed with
'api_' is a capability for an API Service and we add a function
current_api_request_can() or just
api_request_can(). Armed with
api_request_can() we could write code like the following (note that
'api_' as a prefix and thus does not require it to be passed):
Are We Adding Too Much Code?
Although a comment was made that "we don’t want a huge chunk of code just for authentication" I would suggest that even if it were to be a large amount of code, which I doubt there would be, it shouldn’t matter how much code we add as long as that code doesn’t require significant maintenance and more importantly does not impose significant complexity onto the admin user in terms of "more options."
Assume that in Settings > General we add only one (1) single checkbox with the label "Enable JSON API" which by default we leave unchecked.
Once the user has explicitly chosen to enable the API (the equivalent of activating the plugin we have today) a single "Tools > JSON API" option is added.
The Tools/JSON API admin page can use tabs to organize the information so it would not be overwhelming, if even needed.
To offer the user the list of API keys we can reuse/modify the Taxonomy add/edit functionality assuming we add a
'user_api_key' taxonomy to allow us to store, lookup and manage API keys related to Users who would "own" the API keys.
Another tab for the Tools/JSON API admin page could potentially offer the ability to add and manage API Roles and another tab for API Capabilities. Or not, we could require these be managed programmatically just like User roles currently are.
And finally a main tab that allows you to force SSL use, or not.
What I’ve describe above it really not that much code. Would it make sense to risk the potential downside of tying the API to username and password in order to simply avoid the code that the API keys management would require?
Handling Escalating Security Requirements
Consider the "API Services" discussed earlier; we could implement a mapping of authentication requirements to API services such that different services have different authentication/authorization requirements. Consider this table:
||API Services That Allows
||Example API Service
|No API Key Required
||Access to public information with a low risk of needing a rate limiter.
||An API service that returns site name and other metadata. The metadata could also including a links to an API service to request an API key via API.
||Access to public information that might need to be rate limited.
||Return the current list of blog posts.
|API Key + Nonce
||Add Content or Update Revertible Content
||Update of Posts, add Taxonomy Terms.
||Add Content or Update Revertible Content
||Update of Posts, add Taxonomy Terms.
||Returns secure information for client w/o API Key
||Retrieve an API key programatically.
||Updates secure information
||Modify User Profile, Deletes Posts.
||Update highly sensitive information
||Change user password
API Keys + Nonces
Note that we combine nonces with API keys. One of the ways WordPress handles security is with nonces, and the API need be no different. Note that the nonce would be generated by WordPress core or a plugin for the logged in user to allow their browser’s to use the API via AJAX. These use-cases would authorize for the JSON API similar to how the current AJAX system in WordPress authorizes.
For mobile apps nonces could also be offered to last for longer, requiring a mobile device to retrieve a new nonce once every 15 minutes or so but then allowing them to just use the nonce + API key within those windows. Of course you wouldn’t want a 15 minute window for nonces used with AJAX apps
So if we follow the outlined approach we can provide a reasonably level of API access without requiring SSL but we can still enforce the benefit of SSL for those who are likely to have the where-with-all to upgrade to SSL.
Consider this, if they need their sensitive parts of their site updated via API then they are likely special enough that they can make sure that SSL happens. But if unexpected consequences occur and someone builds a SaaS that people want to use but that requires SSL then frankly it creates an opportunity for hosting companies to see a high level of demand for turnkey SSL setup.
And optionally we can add an
'WPAPI_ALLOW_NO_SSL' constant for those site builders and site owners with a "Devil May Care" attitude.
In summary I’m proposing for the JSON API for WordPress to:
- Use API Keys for Authorization
- (And if you are still not convinced, read this).
- Incorporate API Roles and Capabilities
- Support Escalating Authentication Requirements for API Services
- Build Single Menu Item Admin UI for the admin to Manage the API.
Let me know your reactions in the comments below.
Oct 1st, 2013 | Opinion, Programming, Software
As an active JetBrains’ PhpStorm user one of my feature requests was for First Class WYSIWYG Markdown/Markdown Extra Support. Unfortunately they told me (and others) to use a 3rd party plugin which given it’s lack of quality and features turned out to be a non-starter for me. So I continue to use Markdown Pro which I love for what it is but I really need an order of magnitude more features.
But today I was thinking hard about how I’m going to implement documentation for the project I’ve worked on over the past 3 months without killing myself. A sad realization came over me that using MarkDown Pro would be very painful to use because it’s really nothing more than a glorified Notepad with Markdown support and a preview window; it has nothing to support me in the developer of documentation projects.
Then it hit me; what I really need is not an ability for PhpStorm to edit markup but instead a full-featured documentation IDE targeting programmers. And frankly I think the company best positioned to offer this would be JetBrains but I’d be happy to see any company offer it, if someone just will (Maybe those Sublime guys could…?)
So if you are from JetBrains or from some other company please consider the following feature set:
Here are just some of the features that I’d love to see a Documentation IDE support
- Manage "Documentation Projects" vs. just individual markdown files.
- Multi-pane editor like PhpStorm but with panes that support document creation.
- Vertical or horizontal split edit and preview windows.
- CSS-based Themes for preview.
- File Watchers for post processing LESS, Saas another other features.
- Version control support for Git, Mercurial, SVN, etc.
- Support for docs in a subdir of a code repository or as independent repo.
- Support for all major Markup/Markdown format including Different Dialects and HTML
- Conversion between Markup/Markdown formats
- Ability to configure all and/or specific documents to be edited in one format/dialect and saved in another.
- Ability to Publish and Maintain Documentation Websites from DocStorm
- Publish directly to GitHub Pages as well as maintain existing GitHub pages.
- Publish to Evernote, DropBox, etc.
- Offer "POST-To-Publish" feature that would allow us to publish and update using HTTP POSTs so that we could write our own server-side integrations to other locations besides GitHub such as CMS (WordPress, Ghost, etc), Wikis (Mediawiki, etc.), SaaS platforms and more using our own PHP, Ruby, Python, Node.js or other code server-side code.
- Navigation Between Documents
- Jump to Document via selected hyperlink
- Jump to Section of Document via selected hyperlink+fragment
- Jump to File by Name
- Jump to Headings in Project (find by autocomplete)
- Refactor Document Structure to change all affected links
- If URL changes
- If URL fragment changes
- Move selected content into a new file and insert a link to the new file.
- Provide a tree view of files and allow refactoring by drag-and-drop in tree view, with all necessary link fix-up.
- Manage Images
- As part of the project, relative to the project root
- Enable images to be previewed inline
- Search and Replace like the wonderful PhpStorm search & replace)
- Regular expression search.
- Highlight on up/down arrow of selected options.
Also potentially valuable would be integrations with existing documentation tools although I can’t yet envision exactly what that would look like:
- PHP: PhpDocumentor, ApiGen, etc.
- Ruby: RDoc, Yard, etc.
- Python: PyDOC, Sphinx, etc.
- Java: JavaDoc, Doxygen, etc.
- APIs: Swagger, Apiary.io, etc.
Benefits to JetBrains
But even if they won’t do it, maybe someone else will?
If you like this idea please vote for it on the JetBrains tracker
So JetBrains considered the idea, but decided against it. :-( But they have changed their mind in the past if they’ve had enough requests, so please vote for both these tickets, if you will:
Better yet, if you are in the editor space and looking to expand your market, please consider building this flavor of your product and I expect you will find many new customers.
Dec 1st, 2010 | Opinion, Programming, Technology, Web, WordPress
This blog post has been simmering inside me for while. Some might think it as link bait but frankly I don’t blog often because I don’t have the time to manage lots of comments. So the thought of posting something that will likely be controversial has me going against my better judgment (but it won’t be the first time I’ve done that. :)
Say what?!?!? Although the conventional wisdom is that WordPress is really just a great blogging tools and Drupal is more appropriate when you need a full-featured CMS for business use, the conventional wisdom is unfortunately outdated. Since WordPress released version 3.0 in mid-2010 there are now very few if any good reasons to use Drupal instead of WordPress when your business needs a CMS.
Maybe, but history has shown much heresey to be the voice of truth later vindicated. However, rather than ask you to just take my word for it, I’m going to explain below 17 tangible and specific reasons why WordPress is a much better choice for a business CMS than Drupal.
Just the Facts
But for those of you who can’t be bothered to read the details I can summarize in two (2) points:
- Site Architecture and
- Backward Compatibility
Drupal’s site architecture, which on surface appears quite elegant is in reality Drupal’s biggest weakness. Drupal projects can start very inexpensively with large initial wins but the costs to add increasing functionality are discontinuous and in my experience soon soar out of control. I’ve seen several Drupal projects fail simply because of Drupal’s architectural inflexibility; many projects becoming difficult if not impossible to complete On the other hand there is WordPress’ architecture which, while seemingly less sophisticated and with more code duplication nonetheless enables the perfect combination of flexibility and unlimited functionality in my opinion where the increase in cost for more functionality scales linearly starting from zero.
As for Drupal’s position on backward compatibility they only maintain compatibility between major versions, which means you’ll be probably be forced into having to do a fork-lift upgrade since they only official support one major version behind. Who in their right mind would put their business in such a position? WordPress, on the other hand, bends over backwards to maintain an upgrade path between 0.1 versions.
WordPress and Drupal have some different terms for similar concepts and the following might be confusing if you are not aware of how these terms relate. What WordPress calls a "Custom Post Type" Drupal calls a "Custom Content Type."
In WordPress a developer uses the register_post_type() function to define a custom post type whereas in Drupal a developer or user defines a custom content type in the admin console using the "Content Creation Kit" module (a.k.a. "CCK".) WordPress calls all content items "posts" (which is the generic term for the more specific "Pages" and "Posts"; confusing, I know, but that’s for legacy reasons. Drupal on the other hand alternates between calling content items "Content" at times and "Nodes" at other times.
As for versioning, WordPress strives every four (4) months (but it sometimes takes six) to launch a "point 1" or 0.1 version increment (such as v2.9, v3.0, v3.1, etc.) whereas Drupal uses major and minor versions (i.e. v5.x, v6.x, v7.x, etc.) with no specific release schedule between major versions.
Now with that out of the way, on to the 17 reasons.
17 Reasons to Pick WordPress vs. Drupal:
- WordPress Allows Infinite Design Flexibility - Drupal not so much. Because of it’s fundamental technical architecture most Drupal sites have a certain look and feel that is very difficult to get away from (note the "I think though doth protest too much" quality of these three (3) posts), WordPress is as flexible as HTML because of it’s architecture.
More specifically when a browser requests a web page from a Drupal-based website, Drupal inspects the requested URL and then delegates reponsibility for generating parts of the HTML page to both applicable modules and to components of Drupal itself. Drupal then collects up the generated HTML and composes a completed HTML page when it sends to the browser. Drupal manages everything and this archecture is minimizes duplication of responsibilities and is an architecture that an engineer can truly love.
Unfortunately Drupal’s architecture is also highly coupled and thus rather inflexible; when you want a web page that doesn’t fit into Drupal’s model you either 1.) learn complex and arcane methods to achieve what in pure HTML would be incredibly simple, 2.) rebuild major portions of Drupal functionality for your custom page or 3.) just give up and do it the way Drupal wants you to. Or as I like to say when explaining this unfortunate aspect of Drupal:
As a Drupal developer you are constantly battling Drupal to get back in control of the HTML that it will output for any given URL. Drupal is like a "Roach Motel" for URLs: Once a URL enters Drupal it never leaves!
- Usability has been "Baked-in" to WordPress - With Drupal, usability was an afterthought until version 7 and they’ve been desperately trying to improve it; usability tests by the Univeristy of Baltimore identified many critical usability issues in Drupal (the video is a must watch.) But some things such as usability need to be central to the philosophy of the developers and not tacked on as an afterthought. In Drupal you frequently need to visit at least two different pages in the admin to affect what a user would see to be one external change. With WordPress the admin console was originally user tested by the project founder’s mother ("If mom can use it, anybody can!") and that fanatical concern for usability has permetated the project. In Drupal some of the more active developers are known to say "If you don’t find Drupal usable maybe Drupal is not for you."
- WordPress has a WYSIWYG Content Editor in Core - Also a usability issue but an important specific one, with Drupal there is no standard WYSIWYG editor leaving the site implementor to choose from thirteen (13!) suboptimal editor module choices, none of which are maintained at the same level of Drupal core. In WordPress, TinyMCE has been a highly usable standard for more versions that I’ve been using WordPress. (Personally this was one of the biggest issues I had with Drupal and why moving to WordPress was such a godsend for me.)
- WordPress Strives to Maintain Backward Compatibility - Drupal wears as a badge of honor that they wipe the slate clean with every major version. Drupal mostly ignores backward compatibility with the prior major version because yes it is nicer for the core developers not to have to worry about backward compatibility. But for your business the reality is that if you implement a site using Drupal you are stuck on that major version until you choose to invest in an expensive rewrite of your website.
Ponder this issue for a moment. In my opinion, choosing Drupal can result in a nightmare once the version of Drupal they are using becomes too obsolete and is no longer supported. This is such a huge negative that I can’t really see why any business that is doing their due diligence would ever choose Drupal no matter its feature set.
With WordPress most upgrades are seemless and those that are not are usually easily fixed because of the attention to maintaining backward compatibility.
- A WordPress-based Website’s Source Code is Easier to Manage - Drupal co-mingles user content with what is in effect a website’s source code in much more significant ways than WordPress does. For example, to design of "Custom Content Type" in Drupal gets stored in the MySQL database; in WordPress "Custom Post Types" are stored as PHP code. For any business website managed by professionals it is critical to use a source code version control system and it’s easy to submit PHP code to version control but very difficult to submit records in a database to version control. This fact alone is a extremely strong argument for WordPress and against using Drupal for any serious website development project.
Yes out-of-the-box Drupal is easier for a non-technical power user to add custom content types compared to with WordPress, but we are not talking about the needs of a housewife to organize her recipes, we are talking about which one is the better choice for a business CMS and WordPress wins hands down in this category. (BTW, there are plugins for WordPress such as Custom Post Type UI that provide the end-user with the same ease of use for creating custom post types that Drupal has for creating custom content types.)
- Collaborative Development is Easier with WordPress - This reason is a variant of source code being easier to manage. Without a good version control strategy it is much harder to get a local copy of a website for development. Developers in a Drupal shop have to spend a lot more time merging their databases so the up-shot is that many Drupal developers co-develop on the same installation, and often the live installation at that which results in overwriting each other’s code and limits a developers ability to roll back. It’s much easier to develop with a local copy of WordPress so WordPress developers tend to do it more often.
- Revisions of WordPress-based Websites are Easier to Deploy - This reason is also a variant of source code being easier to manage. 1 but the headaches are seperate so I list is as a seperate reason. Because WordPress maintains a lot more of its logic in PHP code WordPress is much easier to deploy than a Drupal application. Drupal developers end up writing a lot more SQL code that they then need to test everytime they need to merge data used to control new application logic into the database of a production webserver on deployment of a revision to an existing website. The significance of this is hard to underestimate.
- Easier to Find Skilled Designers for WordPress - To create a beautiful website design for WordPress designers need to be good at design, of course, but beyond that they really only need to learn how to copy and paste "Template Tags" as they able to have full design freedom when producing the HTML that will be used for a WordPress theme.
Drupal designers, on the other hand, need to be skilled PHP developers too and with a rare exceptions those two skillsets are mutually exclusive. When you do find someone who can do both and do both well, they will be hugely in demand and thus outrageously expensive but the real problem is with Drupal you really won’t know if they are one of the rare few until after you’ve paid them a lot of money to either create a "house of cards", or a really ugly house.
With WordPress you can get a great designer to work with a great developer, both of which are easier to evaluate than combined greatness, and you are set.
- There are More WordPress Professionals Available - A corollary to finding skilled designers, it’s simply much easier to find WordPress professionals to hire for projects than it is to find Drupal professionals.
- WordPress Professionals Charge Lower Rates - Another corollary to finding skilled designers and more WordPress professional being available is it is less expensive to find a WordPress professional than a professional for Drupal. If you ignore the fact that there are many more WordPress professionals another factor is WordPress professionals don’t need to be as proficient in as many areas as their Drupal counterparts. People who can really make Drupal sing are really expensive.
- WordPress’ Code is Much Easier to Debug - Drupal’s highly nested architecture makes it so that a developer spends most of his time looping through a few core functions waiting to find which code controls what they need to modify. Often with WordPress the developer can simply set a breakpoint on the theme’s template file and debug from there.
- WordPress Sites Load Much Faster than Drupal Sites - Drupal runs upwards of 100 SQL queries for every page load because of its site architecture. With WordPress the number can easily be less than 10. And the time to run those SQL queries easily add up. Drupal advocates will claim those queries can be made insignificant by the creative use of caching but the reality is that you cannot cache most items in the admin console so the end user who is forced to use Drupal will be saddled with a level of fatiged and is just not necessary, if you instead choose WordPress.
And lest you feel this is unimportant technical concern be aware that site performance is now something that Google uses to determine search engine result rankings. Host your website on a slow platform and prepare for an uphill battle when it comes to achieve top rankings in Google’s search engine results pages.
- WordPress Requires Less Expensive Hosting - A corollary to page load performance is that the typical Drupal site requires a lot more server to serve each of it’s pages than does a typical WordPress site. Those who choose WordPress for a seriously high traffic site will usually find they can serve more pages with the same servers and/or that the memory requirements for WordPress will typically be a lot less. And for a high traffic sites this could either be real money and/or it can mean that the site is less likely to fail in the case of a flash mob such as a Slashdotting.
- WordPress has the Most Integrations - More companies or their 3rd parties offer plugins for WordPress to integrate with their services than another other platform, specially more than modules available for Drupal. Twitter, Facebook, Freshbooks, MailChimp; you name it, they all have WordPress plugins. If you need one for Drupal and it’s not a mainstream service like Twitter or Facebook chances are you’ll have to pay to have it written.
- WordPress has More Robust Extensibility Method - Both WordPress and Drupal use the term "hooks" to describe their exensibility mechanisms and while there are similar there is an important technical difference. In WordPress you associate a bit of functionality to either run or filter a value based on the name of the hook and you can have as many hooks of each type as are needed. In Drupal you do the same except that hooks are identified hook name prefixed with module name which means you can only use a given hook once in a module; if you need to use it twice you have to create another named module.
Of course the module name limitation is an annoyance but not a huge problem. The huge problem comes when you need a module to disable a hook that was enabled by another module you otherwise need. This is a technique used somewhat frequently in WordPress but when it’s needed it is essential. In Drupal, even if you need to you simply can’t. And all because of Drupal’s architecture choices.
- WordPress has Far More High-Quality Attractive Themes - Drupal has almost two orders of magnitude less. Why is this the case? Because it is so much harder to create a Drupal theme (as mentioned above), designers have to be good developers to theme Drupal (also mentioned above) and there are just so many more people using WordPress.
Now having off-the-shelf themes is great for micro-businesses, startups and even tactical projects but most businesses will want a custom theme developed to showcase their brand in the best light possible yet the existence of so many commercial themes still benefits those who need custom themes. Why? Because it means that collectively WordPress custom theme developers have a lot more experience developing quality themes than their collective Drupal counterparts because many WordPress designer offer up commercial themes for sale in addition to their bespoken work.
And then there are the theme frameworks for WordPress like StudioPress’ Genesis and WooTheme’s Canvas which create excellent headstarts for theme designers with lots of pre-built functionality that designers would often have to charge clients to develop. Drupal does have the concept of theme frameworks but they are really an esoteric option for Drupal.
- Lastly (for my list, at least) there is a WordPress Answers but not one for Drupal - Yes an attempt has been made but there’s just not enough community support for a Drupal Answers (yet?) And while this reason may seem gratuitous, believe me it is not!
The official support forums for both Drupal and WordPress and even the mailing lists for WordPress evidently encourage a level of disrespectfullness that is pervasive in so many open-source communities and it can be a huge time sink for the business person who just wants a problem solved. On the other hand the mechanism used by StackExchange’s WordPress Answers brilliantly encourages timely and helpful support discourages such unproductive behavior with its reputation system.
And whereas many support queries on the Drupal (and WordPress) forums go unanswered, the majority of questions receive a reasonable answer on WordPress Answers (currently at 94%.) If you have a WordPress issue you need solved, or that your developer needs to solve, the existence of WordPress Answer compared with the non-existence of Drupal Answer means that solutions will come far more quickly and far less expensively.
So there you go. 17 Substaintial Reasons why WordPress "The open source blogging tool" is a far better pick when selecting a CMS for business use compared with "*The* (2009) open-source CMS" Drupal. (Oh, and the judges picked WordPress as the best CMS for 2010.) Need another opinion? See Wikipedia’s criticisms of Drupal and the relative lack of criticisms about WordPress.
Of course it would be unfair and disingenous of me to call out WordPress strengths and Drupals weaknesses without also telling you where I see weaknesses with WordPress and strengths of Drupal and for me not to tell you what are the use-cases where I’d be hard-pressed to dismiss Drupal in favor of WordPress. So here you go:
- Drupal Allows for More Flexible URL Design - Since WordPress grew up as a blog they hardcoded the URL routing logic which has resulted in some rather odious limitations in how you can design your URLS. Drupal’s URL management is no panacea either — you can end up with a difficult to maintain mess — but at least Drupal *allows* you flexibility that is often just too hard to implement robustly with WordPress
(Note: I have a plugin on the drawing board whose goal is to remove this limitation from WordPress. Once it sees the light of day I believe WordPress’ URL routing will be much better than that of Drupal. But alas, at least today, Drupal wins in the URL category. If someone using WordPress really badly needs better URL routing in WordPress and can fund the plugin development please contact me as by nature my priorities are defined by my client’s needs.)
- Drupal Offers Out-of-the-Box Content Type and View Creation in the Admin - Yes, out of the box a saavy end user with adminstrator rights can create and define Custom Content Types with custom fields and even custom reports/queries called "Views." This enable and end user with the time to learn Drupal to build a content-based system without any developer help. And for certain scenarios this would be invaluable, such as in certain government or academic departments were there is zero budget for development today, there never will be budget, and the end user either does not want to or is simply incapable of learning how to write the simply PHP required to register custom post types in WordPress.
On the other hand, there are WordPress plugins that duplicate the functionality of CCK and there are numerous plugins that expore the Custom Post Type registration via a UI in the WordPress Admin. Still, as far as I know, there really is not WordPress equivalent of Views.
Still, even though you can create custom post types in WordPress using a plugin that exposes an admin UI it doesn’t mean you always should. As I said above I highly recommend that anyone business that is having custom solutions built using WordPress not build them using an admin UI for defining custom post types but instead embed that logic into version-controllable PHP files.
As for Views, it’s basically the same recomendations as for custom post types; rather than store them in the database like Drupal does it works much nicer just to code calls to WP_Query into PHP code; easier to version control and also easier to test, verify correct and certain that aspect of the site to be bug free.
- Drupal has Positioned Themselves Better in the Eyes of Large Enterprise - Here’s where I think Drupal has succeeded brilliantly. Because of the efforts Acquia’s products, services and solutions there are many large companies that believe in Drupal. I believe they have done a much better job of courting the Fortune 500 crowd than WordPress has via Automattic and it’s VIP Support and Hosting offering.
That’s not to say there are not some really phenominal companies delivering enterprise class solutions on the WordPress platform such as Voce Communications and TayloeGray just that there is a segment of decision makers in large business who will only consider working directly with the primary vendor and in these two cases the primary vendor for WordPress is Automattic and the primary vendor for Drupal is Acquia. And while I love WordPress and think highly of the team at Automattic it’s clear to me that Acquia have done a much better job of positioning themselves as a company that provides enterprise class support for their platform.
But what about Drupal for Community Sites?
One of the use-cases oft cited for Drupal’s superiority is for community sites. But frankly, I don’t buy it.
As an active member of the Drupal community for two years (speaking of which, I need to update my profile there) I found drupal.org to be an extremely frustrating website in which of participate in a community. The forums were not at all effective in the ways that other forums I’ve seen like vBulletin have been effective, and using them as a user was far more pain then pleasure (by contrast I find StackExchange mechansim at WordPress Answers to work brilliantly but alas it’s not software you can implment for your own community.)
Actually at this point I think it’s counter productive to set up yet another social network but if you are convinced your strategy makes sense I’d be included to launch it on BuddyPress instead of Drupal, and BuddyPress is now a plugin for WordPress. And one of the really great aspects of BuddyPress is it that it leverages the brilliant network/multisite feature of WordPress which has completely nailed the "single install - multiple website" architecture.
Who am I to Judge WordPress vs. Drupal?
Full disclosure, I’ve been making my living as a WordPress specialist for almost two years and I plan to launch a company that provides tools and support for professional website developers and interactive agencies who have chosen WordPress as their platform for client solutions. The reality is that I could easily choosen to do the same for Drupal but did not.
I spent two years working with Drupal as my preferred platform, from mid 2007 through early 2009 and I gained experience working with versions 4, 5, and 6. I was drawn to Drupal by it’s elegant architecture (I’m an engineer by degree and thus appreciate elegant technical architectures) and frankly by the fact that Drupal was the only solution of the three main open source CMSes that could actually be used as a CMS without obvious issues (why I avoided Joomla is the story for another day.)
Back in 2007 using WordPress as a CMS was simply not an option, so I moved forward and became enamoured with Drupal and it’s Custom Content Kit, Views and so many other (what seemed like) wonderful modules. I became active in the local Drupal Meetup group and spoke at several of their meetings. I registered a "DrupalCamp.com" domain with plans to launch a local DrupalCamp and more. I really drank the Drupal koolaid.
But then by happenstance I had finished a Drupal project and was looking for another when a 6 week project to write custom admin plugins for WordPress 2.7 fell in my lap. Since I far prefer to develop admin functionality than full websites I figured "How hard can it be?" and took the job. While I worked on these plugins I discovered WordPress much easier to develop for than Drupal but I still held on to the notion I’d return to doing Drupal work once the project was done. As the project progressed an inner conflict raged as I came to prefer WordPress all the while mourning what I would be loosing if I were to leave Drupal (CCK and Views, mostly.)
However by the end of the 6 weeks it became crystal clear to me; WordPress was a much better system than Drupal even without all the CMS features. I was reminded of how many personal Drupal projects I had unfinished simple because it’s do hard to get a good looking site completed in Drupal, the last 15% it pure hell to complete. So I decided I would build my own CCK equivalent and use WordPress instead. Honestly, it didn’t go so well with WordPress at first. Trying to create my own CCK was fraught with frustration and I wasted copious time trying to bend WordPress to my will. But I did and limped along.
Then v2.8 came out. And then v2.9. And then finally v3.0 was announce with Custom Post Types and fortunately I was in a position to just on the beta version. It soon became clear to me that the WordPress team got Custom Post Types right and that v3.0 was going to be a watershed release and, as they say, the rest is history.
As I write this v3.1 is going into beta and with its Internal Linking Dialogs, Post Formats and more WordPress continues to prove that it really is the best choice for almost every business CMS need out there.
So Why Did I Write this Post?
Recently I met with a Senior Vice President of Strategy and Innovation at a large well-known non-profit who is planning to launch a major initiative and he’d narrowed his choices of platform down to two (2): Drupal or WordPress. On a personal level we hit if off fabulously so if it were just personalities I think he might be inclined to take my recommendation on faith but I sensed he is enough of a real professional that he looks beyond the personality of the advocates to assess the actual best solution for this organization.
What he wanted to hear from me which platform I thought was the best and why. I had already reviewed their design brief and wireframes so I had a good idea of what they wanted, and on the surface it looked rather much like a community app. Because of this and also because he had previously talked with several Drupal advocates I think he was leaning towards Drupal. But looking at his requirements and given my issues with Drupal that I detailed in these 17 reasons it was clear at the day is long that WordPress would be a far better platform to meet his needs.
Still, as I tried to explain to him why Drupal would not be a good choice I felt that I might have been coming across as a bit too much of a WordPress zealot whose opinion was not based on objective reasoning. So I decided that I should writing this up to make the case using objective criteria for anyone evaluating the two.
But I still didn’t get around to writing it up because there are always too many other things to do in a day. It wasn’t until a series of posts on Quora with the leading title "Why do so many people use Drupal instead of WordPress?" that I got off my duff and finally wrote this post (even though I have clients whose projects I probably should be working on!)
While Drupal had the lead as best open source CMS for many years, WordPress has eclisped Drupal as the best open source CMS as of mid 2010 with the addition of Custom Post Types.
More specifically Drupal’s site architecture makes it a less than ideal platform for business websites when compared with Wordpress, and Drupal’s philosophy on backward compatibility make it really hard to recommend it to any company for almost any reason at all.
Postscript: About Comments and Revisions
If you are going to post comments:
- Be sure to include something specific about the post in your comment rather than a generic like "Yes I agree" or I might think is spam and delete, and
- If this post gets a lot of comments (which I fear it might) be aware that if your comment doesn’t appear for a few days it’s simply because my client demands have limited my free time and I haven’t had time to release it from moderation.
FYI, I plan to revise this post if new evidence comes to light, somehow I got my facts wrong, or I just identify more to add. Frankly I’ve never much liked the "write-once, forever outdated" form that most blog posts take, so why conform?
Alastair McDermott has just written a blog post on a very similar subject entitled "Why I Recommend WordPress as a CMS." It’s a good read.
If you are going to leave an inflammatory comment criticizing my post then at least have the integrity to leave your full name, your email and a link to something where I can verify who you are and I’ll be happy to publish it (you know who you are.) Otherwise I’ll simply moderate your comment into the trash.
And for what it is worth, it looks like even the Drupal community knows about many of the problems with Drupal: