Aaron Brazell (technosailor) on the WP Engine blog


In the interview Brazell said something interesting about WordPress consulting prices:

As more and more big names jump on the WordPress bandwagon, ticket prices on consultant work is still giving people sticker shock. It’s less so that way than a year ago, but as WordPress implements more and more CMS features instead of Bloggy features, organizations are looking harder at WordPress for solutions. Professionals get to charge lots of money because they’re professionals and the perception that “cheap web dev labor” is still the way to go, is a mentality that we have to continue to combat.

Both this and the Gary Jones interview I linked earlier are worth a read, and not just because both said they read WPCandy.

Aaron Brazell steps back from his full time role at WP Engine


Aaron Brazell, the author of the WordPress Bible, announced on his blog that his role at WordPress hosting company WP Engine has changed, effective immediately. Brazell will be stepping back from his full time role as co-founder of WP Engine to instead act in an advisory role.

WP Engine has offered services and consulting on top of their WordPress hosting, though according to Brazell the company is moving away from this in order to focus on only the hosting aspect of the business. He explained that he will be moving that part of the business outside of WP Engine on his own:

However, as the company has evolved, taken funding, hired more people, addressed growth challenges and built out our hosting option, it seemed clear that the professional services portion of the company was a separate kind of deal than what we wanted to focus on.

So today, I’ll be taking that portion of the company (and all related existing and current relationships, as agreed on), and working on that. Meanwhile, I’ll still be working with the company to guide direction and strategy. So it’s good for everyone.

Brazell explained in his post that he is now open to any consulting work, and is even entertaining full time opportunities. He invites anyone interested in working with him to get in touch, via his blog post.

Book review: WordPress Bible 2nd Edition


Sometimes the line between hobbyist and professional can be a blurry one. And regardless of your chosen niche, whether it be cooking, knitting or coding, there are the essential readings, books, magazines and, nowadays, websites that everyone reads. The WordPress Bible, 2nd Edition is just that book for WordPress.

While reading it I was constantly reminded of the Haynes Manuals for car enthusiasts.

Continue reading

You can now pre-order the WordPress Bible 2nd edition


Aaron Brazell announced on his blog,, that pre-orders for WordPress Bible: 2nd Edition are now available on Amazon. WordPress Bible: 2nd Edition has been updated for WordPress 3.1. The 1st edition covered up to WordPress 2.9.

Some of the topics covered in the book include:

  • Multisite
  • Post Formats
  • Post Types
  • Advanced Queries
  • New API’s

You can pre-order your copy of the 720 page book today for $32.32. It will be available on April 12th, 2011.

WPEngine security vulnerability gave admin access to any users


WPCandy has been made aware of a security issue at WPEngine, a WP hosting site that launched earlier this year. According to WPEngine the security issue allowed users admin access to blogs on the WPEngine network. Passwords have since been changed and, according to WPEngine, that particular hole was closed.

WPEngine has not confirmed the exact nature of the issue, though Aaron Brazell of WPEngine said:

We did have a security issue that was brought to our attention and quickly cleaned up. I cannot comment on the specifics. However, the vulnerability would allow admin access to blogs on our network.

Dre Armeda of Sucuri Security was first to find and notify WPEngine of the issue. Armeda said:

Sucuri privately informed WPEngine of the issue we found and they had a patch to remediate the vulnerability within an hour. It was an interesting issue that should have never occured, but it did, and they pony’d up and fixed quickly.

We have been in contact with their staff since the issue was discovered and they’re implementing further security controls to continue hardening their system. All in all, this is the type of response you’d ike to see from any vendor.

Sucuri does not disclose any security vulnerabilities without contacting the vendor before hand, and only then if the issue is exposed and fixes need to be posted.

Continue reading

Community Links: The WordPress Professional’s Edition


Photo of Brian Clark, from (link below)

This week has seen a deluge of news posts about WordPress themes. We’ve collected all of the best news in our weekend community links post below.

Have a look at the goings on, then let us know what you think the big news of the week was. What steals the show?