Julio Potier, co-founder at SecuPress, is one of the well-known WordPress security specialist and consultant helping users identify vulnerabilities and prevent attacks. He has been working in the web security domain since 2009 and currently has 25+ plugins to his credit in the WordPress directory.
Cloudways: Hello Potier, we are glad to have you for this interview. Could you please briefly introduce yourself to our readers? How did you start your professional career? Who motivated, inspired, and helped you in your career?
Potier: Hello Cloudways, hello Mustaasam, thank you to reach me for this interview. Well, back in 1998, I’ve created my first HTML website, 2000 using PHP and was already a bad coder, so a friend showed me how to exploit my code vulnerabilities, this was a start for me. I learned how to prevent this and started to warn people about their own code. In 2010, I’ve started to use WordPress because I wanted to easily create websites, so I mixed my security and code skills with WordPress and BOOM. SecuPress was born in 2012 in my mind and 2016 as a freemium plugin. Between 2012 and 2016, I’ve created WP Rocket with WP Media, we split in may 2017.
Cloudways: What were your inspirations for becoming a security specialist? Would you like to talk about the challenges you faced at the beginning of your career? How did you tackle those challenges? Any details?
Potier: Since a friend of me was a white hacker and web security consultant, he quickly showed me what could be done with a vulnerable code. It was so powerful and at the same time so destructive, I wanted to protect other people websites.
Beginning as a web security consultant in France was not easy because, since 2006, it’s illegal to clearly show a vulnerability to a webmaster, you could be sued for that, it’s a full disclosure. Even if you don’t exploit it, since you could do it, you’re facing justice. So, it was hard to start in France, this is why my first clients were not French. After that, I’ve learned how to bypass the system (yep, it’s my job right? haha!) and still warn them without facing justice. All was in the way you tell them, not like “here, this is a flaw” but “maybe, it’s possible that your website could be a target, let’s try it, please sign this before”.
Cloudways: You have been working as a security specialist since 2002 and contributed to WordPress in various ways. Although there are a lot of CMSs available in the market, why WordPress? Have you contributed to any other CMS as well?
Potier: I choose WordPress between Joomla and Drupal too. I tested them, but the choice was easy since creating a plugin had to be easy and clear, and the community big and active. WordPress was already a good choice back in 2008, version 2.8! I do not work on other CMS, I made my choice; I’ll let the other CMS for other experts.
Cloudways: As the founder of SecuPress, how do you see WordPress security in the future? Do you find any necessary security features to be added and to be done away with? Which security measures you would like to see in the WordPress core?
Potier: WordPress security is a very important part of the core, remember, they have a dedicated team for that, and many good people in the community are reporting flaws, patches are released very quickly when a vulnerability is discovered. So, I think that in the future, we’ll have more and more people auditing and patching the vulnerabilities. Also, the kind of vulnerabilities is more and more difficult to exploit, requiring precise settings from your server etc.
Of course, we could add more security features in the WordPress Core like limit login attempts, move login page, double authentication by default. See? I only talk about account protection, 6% of hacked WordPress websites are because of passwords since WordPress is powering 30% of the web, I’ll let you count how many passwords are hacked…
Cloudways: What advice would you give to beginners looking to make a career in WordPress development? Could you suggest your favorite sources for learning development from scratch? Any tutorials-based websites you would like to recommend?
Potier: Yes, the first advice is “Don’t do it just for the money, it’s one of the worst ideas.” You can’t make money from something you don’t love, so first, do what you love, then, sell it.
I don’t have favorite sources for learning things, I learn things from everywhere, any post can be a source of something, but still my favorite is “read a book!” like PHP 7 and MySQL, read the manuals, from A to Z, read other coders plugins and theme code, read the WordPress Core, open the files, be curious, try, test, fail, try again.
As a French, it’s quite difficult to give you any websites. 😉 But just follow some WordPress Core developers, read what they’re reading/writing, you’ll quickly understand who’s good to read today.
Cloudways: Many associate the success of WordPress due to its vast community. Do you agree with this comment? How do you see the future of WordPress? Is there anything you would like to see in the future?
Potier: Of course! Like I said, this is one of the main reason I choose it! A community is way more important than a good coded CMS (yep, WordPress is not a good one, in that case, right?) The future of WordPress, well, quite difficult because since last year, businesses are numerous and competitors are everywhere, every day a new premium plugin is competing with another one, business is saturated. In the future, maybe an official marketplace could be created by WordPress.org, not sure if it’s a good idea, or even good for WordPress itself. I would like to see developer certifications around the world, a certification means that WordPress worth it and then developers could say, “Hey, I’m WordPress certified!” and not just like me when I say, “I’m an expert”, well, I am because I said it, that’s all.
Cloudways: WordCamps are the flagship events for the WordPress community, have become so frequent now. Would you like to share your opinion about them? Are they really helping WordPress Community in their cause?
Potier: I attended so many WordCamps and WP events, maybe near 20. You know what? I really like them because of … guess what … the community, again. We met our Twitter and Facebook friends, sometimes clients, future clients, we make connections, we share what we know on stage, during workshops, we help people with the happiness bar, etc
Cloudways: You are one of the most active organizers and speaker of WordCamp Paris and London. Could you tell us how WordCamps help WordPress Community? How does speaking at WordCamps boost your career?
Potier: haha, for Paris yes, I attended all the WordCamp Paris (but Europe in Paris), for London, only 2 times, but thanks anyway. Well, I think WordPress is what it is also because of the WordCamps. Each attended WordCamp brings new people saying “hey it’s my first one”, and this is very good for everyone, WP and the communities. I don’t attend or speak at WordCamp to boost my career, even when I’m sponsoring, there is no possible ROI (return on invest) and we know that. It’s true that some clients are coming because “I saw you on stage”, but it’s not a boost, I think it boosts my ego, then I really love to share what I know, just because WordPress is giving so much to me, I have to find a way to contribute to the pleasure, and speaking in WordCamps is one of these.
Cloudways: Cloudways is a managed hosting provider for WordPress that integrated advanced security firewalls and optimized servers in its platform. What’s your opinion about managed hosting services?
Potier: This is the future of the web for sure. Back in 2000, I didn’t even think about that kind of services, but now, we all have to think about it. Cloudways is doing it with so many ease that is you don’t know yet what we’re talking about, you should test it right now, if you know what we’re talking about, you should also give a try just to compare.
Cloudways: Let’s leave all of the things for a while and talk about your personal life. How do you spend your time with family? How do you manage your work life? If possible, could you please tell our readers a little bit your family or share some favorite pictures?
Potier: I’m married for 10 years, 3 daughters (8-yo, 5-yo, 2-yo) and a son is coming in next July. I wake up with the first kid to wake me up haha about 8/8:30 AM, I stop at 12 AM, then I do a 2 PM – 5 PM and a last 9 PM – 1 AM to work or play, depending on my mood or workload. I work at home, of course, I have my own office here, so I’m not disturbed but when they want to bring me some cake and fruits hahaha I can’t say no when it’s a chocolate one :p :p And finally I never work on weekends, it’s only for the family and I’m fine with that. My wife is helping me with SecuPress support so I can take the most technical tickets. Sorry, I don’t share family photos online. 😉
Cloudways: Just to acknowledge our readers, could you please send us an image of your workspace? Thank you!
Potier: Of course!
Thank you for your time, thank you for the invitation and interview Cloudways and Mustaasam.
Follow Julio Potier on Twitter.
Start Creating Web Apps on Managed Cloud Servers Now
Easy Web App Deployment for Agencies, Developers and E-Commerce Industry.