Long-form writing on bespoke WordPress, platform architecture, and the work most agencies don't talk about. Published when there's something worth saying.
57 insights
Search is in the middle of the largest behavioral shift since mobile. A growing share of the queries that used to land on a Google...
Read the article
WordPress 7.0, codenamed Armstrong, shipped on May 20, 2026 with native AI as its headline. Most of the coverage so far has been about which...
Read the article
Google Maps is the default map embed on the web. It’s also the wrong default for most marketing sites, on three separate axes at once:...
Read the article
Most WordPress sites that have Cloudflare set up have it in “DNS only” mode. In that mode, Cloudflare is functioning as nothing more than a...
Read the article
The consent banner is now near-universal on WordPress sites, especially in markets exposed to GDPR or CCPA. The shared assumption is that the banner is...
Read the article
The default state of a WordPress page is that Google has to guess what it is. The page might have a title, a body, a...
Read the article
Removing Google Analytics from a WordPress site (and the consent banner that came with it) raises an immediate question from the marketing team: how do...
Read the article
Google Analytics is the cookie that’s hardest to defend on a WordPress consent banner. It’s also the easiest to replace — and replacing it gives...
Read the article
A YouTube embed loads Google's tracking on every visitor, regardless of whether they play the video. Self-hosting or using click-to-load removes the cookies without sacrificing the video. Here are the three approaches that actually work.
Read the article
WordPress sites in markets exposed to GDPR have spent the last several years figuring out how to remove third-party trackers entirely, because the EU model...
Read the article
Multilingual WordPress sits in a tooling category that’s been settled for years: Weglot, WPML, Polylang, TranslatePress, MultilingualPress, and a handful of smaller players. Weglot is...
Read the article
The market for “accessibility audits” on WordPress is genuinely confused. The same word covers everything from a 10-minute browser-extension scan to a 3-month multi-disciplinary engagement...
Read the article
Every WordPress chatbot integration follows roughly the same curve: install, fanfare, decline, removal. By month six, someone proposes removing it and nobody pushes back. The pattern is structural, not vendor-specific.
Read the article
Content-heavy WordPress sites accumulate filterable lists: blog posts that need filtering by category and tag, products by attribute, case studies by industry, events by date...
Read the article
The default assumption on most US WordPress sites is that the audience is English-only. The default isn’t wrong—most visitors to most American sites are English...
Read the article
The scenario is industry-standard for multi-location service businesses: pet services, dental practices, fitness studios, healthcare networks, real estate brokerages. The corporate website is a single...
Read the article
Accessibility services tend to fall into two categories. The first is the audit: an engagement that runs typically 2-6 weeks, examines the site against WCAG...
Read the article
Right-to-erasure (the GDPR phrasing) or right-to-delete (the CCPA phrasing) gives users the legal ability to request that a site remove their personal data. The site...
Read the article
Open the typical agency’s landing-page portfolio and you’ll find some version of the same problem: 40 nearly identical pages, each tied to a specific ad...
Read the article
Every WordPress site is a stack of moving pieces that needs continuous operational care: patches applied, versions updated, vulnerabilities closed, backups verified, certificates renewed. Skip...
Read the article
A Google Reviews widget on a WordPress page works by loading Google’s widget JavaScript, which renders the star rating and review carousel inside an iframe...
Read the article
Every Instagram embed loads Meta's tracking infrastructure on the visitor's browser. The standard embed is a privacy liability. The server-side alternative renders the same content as static HTML without any of the cookies.
Read the article
The scenario is common enough to count as a category: a business has five or six domains, each with a WordPress site of various vintages,...
Read the article
Spam against WordPress forms is so common it counts as ambient noise. The bots are automated, persistent, and uninterested in any specific site. They crawl...
Read the article
Custom WordPress frameworks were a reasonable answer to a real problem. Vanilla WordPress, circa 2015, didn’t have built-in environment management, didn’t compose well with Composer,...
Read the article
The multi-location WordPress site grows by accretion. The first version has three locations, each built as its own page, each maintained by hand. Easy. The...
Read the article
WordPress ships with a search function. What it doesn’t ship with is search. The default behavior is a SQL LIKE query against post titles and...
Read the article
The Events Calendar (TEC) is one of the most widely deployed plugins in the WordPress ecosystem, and on paper, it’s easy to see why. It...
Read the article
Here is the complete, updated article with the technical and contextual corrections seamlessly integrated, along with some added markdown formatting to make it easier to...
Read the article
The chatbot-versus-human framing is a false binary. The interesting AI work in WordPress support isn’t “replace the human with a bot”; it’s “give the human...
Read the article
Accessibility work on a WordPress site is an ongoing process, not a one-time push. Plugins update, content changes, new components get added, third-party scripts come...
Read the article
Run any WordPress site that’s passed automated accessibility tests through a real screen reader for ten minutes. Within that window you’ll almost always find at...
Read the article
The Options API in WordPress underwent a meaningful architectural shift across the 6.6 (July 2024) and 6.7 (November 2024) releases. Core now actively manages the...
Read the article
Accessibility scanners catch real bugs at scale on every deploy. They also have structural limits on what they can detect, and those limits matter more than vendors of automation-only solutions admit. Here's what scanners can and can't see.
Read the article
The accessibility audit deliverable is a spreadsheet. 400+ rows. Every row has a severity label assigned by the scanner, a WCAG criterion reference, a code...
Read the article
The accessibility debt is real and predictable. A typical 5-year-old WordPress site has somewhere between 1,000 and 10,000 images in the media library. Best case,...
Read the article
The accessibility overlay vendors have done extraordinary marketing work in the last five years. AccessiBe, UserWay, EqualWeb, AudioEye — each one offers some version of...
Read the article
Static WordPress security scanners match code against catalogs of known patterns. They miss bugs that don't match a known pattern. LLM-based code review catches those, and adding it to the audit toolkit changes what kinds of bugs you find.
Read the article
Every WordPress site shipped a chatbot in the last twelve months. Almost none of them are used. Meanwhile, the AI integrations that would actually make...
Read the article
The standard WordPress account security posture in 2024 looks roughly like: enforce strong passwords, require 2FA via TOTP, hope for the best. That’s been adequate...
Read the article
Open the search analytics on any WordPress site that has site search enabled and look at the last 30 days of queries. You’ll see, roughly:...
Read the article
When the question is "should we go headless?", the answer is usually "no." But the value people are reaching for — performance, flexibility, modern frontends — is achievable without the operational overhead. Here's how API-first architecture on the WordPress monolith gets you most of the way there.
Read the article
Every WordPress install ships with two API surfaces enabled by default. /xmlrpc.php has existed since the late 2000s, originally for desktop blogging clients that nobody...
Read the article
Open the network inspector on any WordPress site that hasn’t done this work, and you’ll see one or more requests to fonts.googleapis.com and fonts.gstatic.com in...
Read the article
When a CVE drops for a WordPress plugin, the gap between “vulnerability is public” and “official patch is available” is sometimes hours and sometimes weeks. Virtual patching closes that window without waiting.
Read the article
A common opening question on legacy WordPress engagements: “How many of these plugins do we actually need?” The site has 47 active. The honest answer...
Read the article
Most WordPress sites have a security plugin. Most still get hacked. The disconnect is structural — the dangerous problems are architectural, and a hardening plugin won't fix them. What real WordPress security hardening looks like, layer by layer.
Read the article
The standard WordPress audit deliverable is a list of about 30 findings, mostly catalogued from automated tools. Plugin count, last update dates, PHP and WordPress...
Read the article
Every plugin you add to WordPress doesn't just add features — it adds technical debt, performance overhead, and another vendor relationship to manage. After twenty years of cleaning up plugin debt, here's what compounds, what's recoverable, and where the real cost lives.
Read the article
Update (January 2025): WordPress 6.6 (June 2024) and 6.7 (November 2024) introduced significant changes to how the Options API handles autoloading, including new autoload values...
Read the article
Every WordPress site that talks to a CRM does it through some kind of connector. They all start simple. Two years in, the integration is doing six jobs it wasn't designed for, and nobody quite knows what triggers what.
Read the article
There’s a common misreading of what managed WordPress hosting buys you: the assumption that if the host handles the platform, you don’t have to think...
Read the article
Custom WordPress development costs more upfront than buying a template, then it pays back indefinitely. Faster, better for SEO, distinct on brand, and built to evolve. Why custom is the right call for more sites than people think.
Read the article
The default WordPress problem-solving instinct goes like this: identify the need, search the plugin directory, pick the option with the highest install count and decent...
Read the article
Every WordPress project that ships gets a documentation deliverable. Some flavor of “editor’s guide” lands in a Google Doc or a Notion page on the...
Read the article
WordPress data modeling is the most consequential decision in a custom build — and the one most agencies treat as an afterthought. Most clean-on-paper models fall apart the first time an editor needs to do something they weren't planned for.
Read the article
Every WordPress site has two products: the one visitors see and the one editors use to keep it running. Most agencies ship the visitor-facing one to high standards and leave the admin to defaults. The cost shows up in stale content within months.
Read the article
No insights match the current filters. Clear filters to see everything.
No proposals. No pitch decks. Just a conversation about your project and whether I'm the right fit to build it.
Start a Conversation