In 2005 I was looking around for good, open, lightweight site management software. There were a few around. The gods were with me; I chose WordPress.

One decade later, WordPress powers about a fifth of all websites.

WordPress began life as a blogging system, but now it is a fully capable CMS. It isn’t the right tool for all websites, and I’ll tell you if it doesn’t suit your requirements. However, I’ve yet to tackle a project that it’s not been able to cope with.


This is always a concern for popular systems, since popularity makes you a target. However, despite being the most popular site management software around, WordPress is very secure. Almost all “vulnerable” WordPress sites out there simply haven’t been updated, don’t follow security best practices, or use poorly coded plugins.


As an open-source project, WordPress has fostered a great community of developers.

  • There are currently over 25,000 plugins available, most of them free.
  • The wiki-style documentation is always improving.
  • There’s also a site dedicated to WordPress-related talks and tutorials.

WordPress and me

I’ve attended nearly every WordCamp UK—an annual gathering of WordPress developers, designers and users—and I’ve delivered talks at a couple.

You might also bump into me at the WordPress London or wp-hooked meetups.

My plugins

  • Developer’s Custom Fields – Makes it easy for developers to manage custom fields for all post types. Documentation here.
  • Force Strong Passwords – Forces users with executive capabilities to use strong passwords. This plugin has been adopted by Jason Cosper at WP Engine.
  • Lock Pages – Prevents non-admins from moving or deleting certain pages, to maintain site structure and permalinks.
  • Simple Events – Some very simple additions to improve basic events management.