Published on November 24, 2004
Digital Web: With many blogging tools out there, how did you decide to create one?
Matt Mullenweg: It’s funny you say that, because when WordPress was born I didn’t feel like there were a lot of blogging tools at all. I got started on Movable Type but then switched to b2/cafelog because I was more comfortable working with the backend in PHP and MySQL than Perl and BDB.
The switch went well and I was excited by new technologies like Pingback that b2 supported. Development stopped on b2 when Michel disappeared. Days turned to months and I wrote an entry wondering what to do. Mike Little left a comment a day later and we started collaborating on what would become WordPress.
DW: WordPress has made a convert of many former Movable Type users. What do you think convinced such folks to make the switch?
MM: There are lots of reasons. I think people who have been frustrated with Movable Type development are very comfortable that we have a single focus. Our development model is completely user-centric and our flexible platform and dedicated team have allowed us to respond quickly and effectively to what people want. Also we have a completely stable license. Open-source software runs the Internet and has proved itself again and again.
Businesses are very comfortable knowing exactly what they can do with WordPress—almost anything—and that the license isn’t going to change. WordPress includes code from hundreds of different contributors under the GPL. For the license of WordPress to change, every single person who has ever written code for WordPress would have to agree to relicense their code.
DW: What kind of users tend to use WordPress?
MM: It’s all across the board, which is fun for me. I would expect the users to be fairly technical since to install WordPress you need to understand uploading files, but I would say the majority of WordPress users aren’t technical. How is this? For one thing, many hosting accounts bundle a WordPress installer. A fully set up blog is a click away.
Another large segment is people who aren’t technical, but know someone who is. Others are willing to pay a few bucks (literally) for help. That said, the explosion is still at the bottom of the J curve. When the hosted services that offer WordPress start going public we’ll see a wave that dwarfs everything so far.
DW: What other ways is WordPress used besides blogging?
MM: It’s amazing to me the number of people who use WordPress for things entirely unrelated to blogging. They bend and twist posts, categories, and custom fields to create some pretty neat stuff. I’m guilty of some of that myself, but for me it’s the base of [database] and system functions that WordPress provides that I use as a base when writing new things.
For the people looking for more traditional CMS functions inside of their blog, we’re adding Pages functionality in the next release. The idea is that managing page-based content should be as elegant as managing post-based content.
DW: How does WordPress differ from others in terms of standards compliance?
MM: I think the difference between WordPress and other systems that claim standards compliance is that with us it’s active instead of passive. Our templates are valid out of the box—everyone’s are—but what about after that? We catch things like unencoded ampersands and can correct some other common XHTML mistakes.
Work is going on to create a mini validator that will check your posts before they go live. Also standards are more than XHTML and CSS. We try to support other industry and nascent standards like OPML import and export, all the syndication formats, different methods of service autodiscovery, XFN, rel=”permalink” and rel=”trackback”, pingback, etc.
DW: What do you love about working on WordPress?
MM: Everything! The project is so diverse that I can really flex all my creative muscles. The community is great and a lot of fun to be part of. Most of all, it’s very rewarding to know that all this work is like a gift to the world, free for anyone and everyone to use. Working on something that touches so many people definitely puts things in perspective.
DW: Other than the usual reasons, why did you decide to make WordPress open source, GPL-licensed as opposed to a licensed plan?
MM: If you do anything for the money you end up selling out. Do what you love, what you can’t not do, and the money will follow.
I think the WordPress value to the community as a GPL extension of what came before is a million times more valuable than whatever pittance I would have gotten from doing a proprietary thing. The benefits I’ve gotten personally from focusing on what I love have been numerous, and go beyond the purely monetary.
DW: Many won’t admit it, but no one likes to write a blog without an audience. With tons of blogs out there, readership is spread or flocks to the A-list blogs. How does this impact the growth of blogging? Have we reached a critical mass?
MM: Blogs certainly have had a lot of exposure, but it’s a fraction of what’s coming. Where we’re at now is similar to where the Internet was in the mid-90s. I don’t think most people are concerned about getting huge traffic to their blog. In fact, that usually causes more problems than it’s worth. The size of the audience doesn’t matter, but the quality does.
I run about a dozen blogs myself, and if each was only read by a handful of people I wouldn’t care—if it was the right handful. Correlating traffic with success is exactly the kind of old-media thinking we’re trying to get away from.
DW: Describe the WordPress community.
MM: It’s like a big family. You don’t choose the people, you all have different interests and views and there is often disagreement, but at the end of the day you all love each other.
MM: It had been over a year since our last problem, so I was probably a little overly optimistic. We’ve been very proactive with regards to security but every piece of software has security issues. It just happens. The good news is with every issue that comes to light we become more and more secure.
DW: How long did it take to resolve?
MM: The code changes did not take long, but addressing another issue that came up, back-porting the changes to 1.2, and testing took a few days. Testing was the longest part.
DW: How was it missed?
MM: It’s a somewhat esoteric problem and while we had completely secured against it on the public-facing side, we hadn’t thought to check all parts of the admin section against administrator-generated content. I would conservatively estimate that 80% of all Web scripts suffer similar problems. They just don’t have the same audience so it never gets reported.
DW: How does WordPress plan to address the issue in the future?
MM: I think our strategy thus far has been extremely successful: security-conscious coding, regular code reviews and audits, and responding to any issues that come up as fast as humanly possible. I think the WordPress development environment is great for preventing new mistakes from happening. For example, every time I change a single line of code, an e-mail is sent out to at least 80 people detailing exactly what the change was. How great is that?
The way that the security community works, there may be dozens of people at any given time poring over WordPress line-by-line hoping to discover a problem (and get credit for it). Proprietary development models just don’t have that kind of flexibility.
DW: You also created Ping-O-Matic. How did that come about?
MM: Well, update pinging is a great way to increase your exposure, and there are so many different services that want that data now it’s daunting. Unfortunately, sending pings can sometimes be very slow. Also, it’s a pain to keep up with all the new stuff. On a whim, I teamed up with fellow WordPress developer Dougal and we built Ping-O-Matic in just a few hours.
At first, it was focused at people who were pinging manually and had to visit ten different sites to do so, then we rolled out the XML-RPC weblogs.com interface so publishing software could talk to Ping-O-Matic directly. We provide a super-fast single ping people can send and we mirror the data to whoever can handle it.
Working with a system that handles hundreds of thousands of updates a day has taught me a lot about scaling.
DW: Interesting comment about “exposure” in Ping-O-Matic since you mentioned “size of audience doesn’t matter.” Any comments?
MM: I think it’s a trend you can see in the growing number of protected or semi-protected blogs. I see it as a personal thing, some people want fame and recognition for their blog and some people just want a better way to communicate with a set number of people.
DW: How did you do Ping-O-Matic?
MM: Dougal had a PHP script that would send out pings in real time when a form was submitted. Running everything through Apache didn’t scale well, so I tried making it a command-line PHP program. That worked, but used far too much memory, so I began experimenting with rewriting the pinger in other languages and Python was the fastest and smallest. Now the Web site and front-end services are all PHP and the heavy lifting is done in Python and MySQL.
DW: Obviously Ping-O-Matic has heavy-duty traffic. How do the servers handle the large loads? Or did you receive donations?
MM: It varies. As I said the high rate of traffic made performance bottlenecks painfully obvious. Before it was on the machine it’s on now, it single-handedly took down several decent servers. The new server is a lot more powerful and is paid for out of my pocket and WordPress donations.
DW: You’re also in photography. What tips can you offer people with no eye for it?
MM: I enjoy photography a lot but I don’t claim to be any sort of expert. It’s like any craft though. Commit yourself to doing it every single day for at least a year. Study and emulate people you admire. Don’t be afraid to take a lot of bad pictures.
DW: What songs can you play on the sax and piano?
MM: I play pretty much exclusively jazz these days, and my main instrument is alto sax. I know a few standards that get called often at jam sessions and a few more eclectic songs that I’ve picked up as I went along.
The songs themselves aren’t too important; if something is called I either know it or read it out of the real book, or just try and hear the changes. My piano chops are badly out of shape, so I won’t talk about that.
DW: Besides WordPress, what other work do you do?
MM: I do a lot of systems administration, mostly LAMP platforms but some other things mixed in as needed. Right now, a lot of my time is spent on an object-oriented Perl program I’m writing for an oil software company. There are a few other projects and collaborations that I really wish I could talk about but can’t yet.
DW: What can we expect to see from you and WordPress in the near future?
MM: I had an epiphany last month. I’m sitting on thousands of lines of code and hundreds of hours of work that’s just gathering dust on my server. Some of it, including a full CMS system written from scratch, I had originally planned to sell and other bits I just haven’t had the time to look at in a while or wanted to keep protected. That was all done in an outmoded way of thinking, I’ve decided to open source the code and give it all away, to practice what I preach. Now it’s just a matter of cleaning up things for release and getting an infrastructure together to support it all. It’s hard work but I feel great doing it.
With WordPress there are a few interesting things in the pipeline. First, there is the 1.3 release, which packed with new features and improvements. The only thing I regret about 1.3 is the version number. It really should be called 2.0. Thanks to the work of Donncha, we have something called WordPress MU nearing release, which is like TypePad/Livejournal in a box with the elegance and power of WordPress. I think we’re going to see some larger companies throw their support behind WordPress just like you’ve seen with other large open source projects like Mozilla or Apache. Finally, there has been some serious discussion about expanding the WordPress colors beyond grey and blue, but we’ll see if anything comes of that.
DW: Thanks for your time, Matt!
Matt Mullenweg is a troublemaker who has an affinity for web technologies. He is the lead developer of WordPress, GPL blogging software and semantic personal publishing platform. He enjoys photography, writing, and playing the saxophone and piano.
Meryl K. Evans, content maven, is a WaSP member even though she’s far from being a WASP. The content maven writes a column for PC Today and blogs for the Web Design Reference Guide at InformIT. Meryl provides the home for the CSS Collection and she’s the editor of Professional Services Journal, meryl’s notes :: the newsletter as well as other newsletters, so tell all your friends, families and animals to subscribe. Her ancient blog keeps cluckin’ since its arrival on the web in 2000.