Hello Security Plugin Aims to Educate WordPress Users on Web Security Best Practices

Hello Security is a new plugin developed by Michele Butcher that displays security tips and reminders in the WordPress backend. It’s a fork of Hello Dolly and Butcher’s first plugin submitted to the plugin directory.

Hello Security Tips

The security tips include “PASSWORD is never a good password,” “backup all the things,” and “only give users the access they need.” The full list of tips is in the hello-security.php file.

Inspiration, Motivation, and Determination

For years, Butcher has avoided learning how to code. Thanks to a WordCamp session and inspirational members of the WordPress community, she now has a plugin of her own. In this short interview, we find out what held her back from developing plugins sooner and who inspired her to go through the process.

What held you back from writing your first plugin?

For the longest time, I didn’t want to learn how to code. I was a firm believer that there’s a plugin for everything. Once I was motivated enough to create one, I didn’t know what to create first.

I have ideas for the types of plugins I want to make but I always find three plugins with similar functionality. The first WordPress plugin I ever looked at the code for is Better WP Security, developed by Chris Wiegman, which eventually turned into iThemes Security.

I knew I would have to dig deep into learning code before I could write a plugin that large. I discovered the best way to learn code is to jump in and read actively developed code. Once I became comfortable reading code, I started to get ideas on plugins to create.

What motivated you enough to go through with creating and releasing your first plugin?

I subconsciously kept telling myself to just make something. I eventually decided to get into plugin development and taking the first step was the hardest. I bounced ideas off of friends for a long time before I jumped in and just made one.

At WordCamp North Canton, I attended Topher DeRosia’s session, Introduction to WordPress Plugin Development. After the session was over, I realized I didn’t have to make something that has thousands of lines of code. I brainstormed ideas, thinking how I could use Hello Dolly.

What inspired you to write Hello Security?

The first idea that came to mind in using Hello Dolly was not security related. I initially thought of doing something fun like Hello Jovi (Bon Jovi lyrics) or Hello Marvel where I use awesome one-liners from the various Marvel movies. Iron Man quotes alone would have given me at least 30 lines to work with.

I decided against doing something fun and to make something that could be useful. Many of the quotes in Hello Security are things I say at all of my talks, tell every client after I clean their site, and mention to everyone who is getting into WordPress.

Hello Security is there to help those who are either new to WordPress or might not know how or why they should keep their site secure. It is a way to be proactive before something bad happens. Wiegman and DeRosia inspired me the most and I’m glad they did.

Informing Without Overwhelming

Hello Security is a good plugin that educates users on best practices related to web security without overwhelming them with information. I tested Hello Security on WordPress 4.2.2 and didn’t experience any issues. It’s available for free on WordPress.org and GitHub. Butcher encourages those who want to see a security tip added to submit a pull request on GitHub.


9 responses to “Hello Security Plugin Aims to Educate WordPress Users on Web Security Best Practices”

  1. It’s a noble effort and with good motivation behind it. But as with another recent plugin that was introduced to notify users of security-related plugin updates, the major problem with these types of plugins is that people don’t keep their plugins updated, so how can we expect them to install a plugin like this and actually use it? The short answer is they won’t. It’s a major problem that the community needs to find a way to address. Users aren’t updating even when all they need to do is click a link to do so.

    • Agreed. However, that doesn’t mean there isn’t a use case for this kind of plugin. A lot of WordPress users’ first contact with WP is through having a website built for them. In this kind of scenario the plugin could be pre-installed for them so that they would be exposed to security best practices early on.

  2. I think it can be good in some cases, and I really applaud Michele’s efforts. This is an ongoing issue.

    What I think it boils down to, and Carl touched slightly on it, is that a large group of these people already know this.

    From experience what I see is the need for education and the continued pounding of these messages into a large percentage of users. And that’s easier said than done. For individuals who have been told and told again about the importance of security, this plugin will give them some friendly reminders and hopefully push them to do what needs to be done.

    For the others, who have heard it’s important, but also have been taunted with horror stories of update failures, or have not been even educated on the importance, even reminders won’t help. They are literally scared to death of what may happen when they update.

    It’s an ongoing issue as I said before. I see more people who are really starting to grasp the importance, but at the same time we have a long way to go. Maybe we need to start instilling confidence instead of being hell bent on filling them with fear. Overall, personally, with my own site and clients’ sites, I am seeing fewer and fewer issues with updates.

    Anyway, that’s my .02 :)

  3. Good to see you’ve entered into WordPress plugin development. I’ve not dared try my hand at it yet, but it’s really excellent to see you’ve put yourself out there and got something that people can download and use. I wish you all the luck in the world – keep at it!
