
Wordpress and the Panama Papers

I've witnessed some very interesting events unfold as I've worked with Rabalder. One of the latest is the Panama Papers, and you might wonder what the Panama Papers have to do with Rabalder Media. Very little really, but there's been some information flowing around the internet regarding how the documents were obtained from Mossack Fonseca.

The cause
When we visit their website, we can see that they're running on Wordpress. If you're not a developer, let me tell you that Wordpress and Joomla sites are two of the easiest targets to hack due to the ignorance and inexperience surrounding those platforms, but I'll get back to that later.
Their Wordpress installation has a plugin installed that allows for remote code execution, which is the most dangerous and devastating exploit there is. In most cases, remote code execution allows an attacker to get complete control over the server that hosts the website, which in turn can allow them to get complete control over the whole server infrastructure. A quick dig of their DNS shows that their email is hosted on the same server, which was probably how the attacker got hold of the Panama Papers documents.
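
The co-hosting observation above can be turned into a check on a domain you operate, to see whether a compromised website would also expose the mail system. This is an added example, not code from the original post; the zone data is constructed from documentation-range names and addresses, and `lookup`, `same_slash24` and `co_hosting` are hypothetical names (in practice `lookup` would be backed by real DNS answers).

```python
import ipaddress

# Constructed records standing in for the answers `dig A` / `dig MX` would give.
# Names and addresses are documentation-range placeholders, not real hosts.
SAMPLE_ZONE = {
    ("example.test", "A"): ["203.0.113.10"],
    ("www.example.test", "A"): ["203.0.113.10"],
    ("example.test", "MX"): ["mail.example.test"],
    ("mail.example.test", "A"): ["203.0.113.10"],   # mail on the web server
    ("split.test", "A"): ["203.0.113.20"],
    ("split.test", "MX"): ["mx.split.test"],
    ("mx.split.test", "A"): ["198.51.100.7"],       # mail hosted elsewhere
    ("near.test", "A"): ["192.0.2.5"],
    ("near.test", "MX"): ["mx.near.test"],
    ("mx.near.test", "A"): ["192.0.2.9"],           # separate host, same /24
    ("nomx.test", "A"): ["192.0.2.50"],             # no MX record at all
}


def lookup(zone, name, rtype):
    """Hypothetical resolver shim: returns the record values for name/rtype."""
    return zone.get((name.rstrip(".").lower(), rtype), [])


def same_slash24(a, b):
    """True when two IPv4 addresses fall in the same /24 (a weak proximity hint)."""
    net = ipaddress.ip_network(f"{b}/24", strict=False)
    return ipaddress.ip_address(a) in net


def co_hosting(domain, zone):
    """List (mail_host, ip, finding) where mail shares infrastructure with the website."""
    web_ips = {ip for host in (domain, "www." + domain)
               for ip in lookup(zone, host, "A")}
    # With no MX record, SMTP falls back to the domain's own address (RFC 5321),
    # so the web host is the mail host.
    mail_hosts = lookup(zone, domain, "MX") or [domain]
    findings = []
    for mx in mail_hosts:
        for ip in lookup(zone, mx, "A"):
            if ip in web_ips:
                findings.append((mx, ip, "same-host"))
            elif any(same_slash24(ip, w) for w in web_ips):
                findings.append((mx, ip, "same-/24"))
    return findings


if __name__ == "__main__":
    for d in ("example.test", "split.test", "near.test", "nomx.test"):
        print(d, co_hosting(d, SAMPLE_ZONE) or "mail and web are separated")
```

A `same-host` finding means a web application compromise lands on the machine that also handles mail; `same-/24` is only a hint that the two may share a network segment and deserves a manual look.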

This is so typical of Wordpress. The ignorance surrounding that platform is outrageous, and your everyday Wordpress developer is inexperienced due to completely locking themselves down to the Wordpress platform. I don't know if you've noticed, but Wordpress is a blogging tool, not a website CMS.
Of course, everyone uses it as a CMS which is probably the reason it's so insecure.

This is one of the many reasons we've dropped Wordpress completely unless explicitly requested. The path we've taken allows us to build next-generation applications, giving us the capabilities to rival native mobile applications via the web platform.

As for CMS, we have a custom drop-in solution in place that we've just finished building. Instead of having to go to a separate page to edit some text on the front page, you simply click the text you want to change and start typing. Same with images: click them, upload a new one, and you're done.
The best part about this CMS is that it's real-time. This means that when you change that image, it will synchronize to all visitors on your site without them having to update or refresh. Imagine having an e-commerce site where new products would magically pop up for your visitors as they're browsing your e-store.
Combining this with Web Notifications, we could send push notifications to users (both mobile and desktop) when new products are added.
Why not go even further and use Service Workers to put the e-store offline? Imagine if a user doesn't have network connectivity but is still able to browse your e-store and place orders, wouldn't that be something? Well, that feature will soon be in web browsers. Definitely within this year, and we're going to be one of the first agencies to include support for that in our applications.

We're structuring our applications with small, reusable components, which allows us to build massive web applications that have the smallest codebase possible - which in turn makes the web application very fast and lightweight, especially on mobile.
Combining this with our awesome security and server infrastructure allows us to build real-time web applications with massive amounts of traffic without any hiccups and maximum security involved.

Rabalder Media is changing
As you can probably see, being on the cutting edge of the web allows us to do some crazy things most people think are impossible, and Wordpress developers have no clue about those features even existing.

In the last year, we've been shifting our focus to a more healthy and fun part of the web development industry and we've modernized our company in many ways. For example, we've completely dropped internal communication via email and use a chat- & voice-based solution that helps us increase productivity and is also a lot more fun. We have a natural work environment that's less stressful and where developers like me have a voice that's heard and taken seriously. Everyone on our team plays a part in shaping the company and deciding what paths we should take.

We are aware that our project cases are lacking a bit, but you should definitely stay tuned to our website, because we have multiple really cool projects still in production that we're going to release pretty soon, which show the best part about Rabalder Media and the possibilities you'll have working with us in terms of features, design and user experience!

Tom Jordell
Fullstack DevOps Engineer
tom@rabaldermedia.se
