[wp-hackers] support for custoim post types + custom feilds

Christopher Ross cross at thisismyurl.com
Sat Jun 19 18:50:23 UTC 2010


On 2010-06-19, at 3:12 PM, Mike Schinkel wrote:

> On Jun 19, 2010, at 12:29 PM, Christopher Ross wrote:
>> I have a government client which runs 50+ WordPress websites (both inside and outside firewalls) and no plugins are allowed on the site, with no exceptions. This includes stripping internal update calls, pings etc. from the core before a site can be upgraded and I know from experience, big companies are the same.
> 
> On Jun 19, 2010, at 1:17 PM, Curtis McHale wrote:
>> I've also worked with a company that doesn't like plugins at all. Caching can be done easily without a plugin so we didn't use it. I personally also dislike plugins on my sites so avoid them at all costs. If anything can be done easily without them that's how it's done.
> 
> 
> I find that fascinating.  I would love to hear, for my benefit and the benefit of all on the list, what the specific concerns they have about using plugins and the rationale for not using them?  Maybe there are things we could improve/change that would resolve their concerns?
> 
> Are their reasons tangible or intangible?  For example, do they dislike plugins:
> 

Mike, in the case of our government clients it's a security concern. Their servers house sensitive data, the intranets we run using WP include politically sensitive, often classified  materials. You're correct any code in a plugin could also be in a theme but those themes are tested and approved prior to installation, whereas plugins code slip past during updates.  The threat doesn't even have to be large, a plugin that simply turning on the RSS or pingomatic feature on one of these sites would be enough to destroy careers.

The rest of the time, I think it's almost always the visual that I hear complaints about. Often (and I've been guilty of this) when a plugin is added, it creates menus in the wrong places, or adds menus without really needing to. If we could simply 'hide' the plugin (which is what I do when I copy it into the functions.php file) and turn off future updates (or at least the warnings), that would solve a lot of the problems for less technical end users.

c.



More information about the wp-hackers mailing list