I have always been an advocate for security. For many years ( ~8 years ), I have been voicing my opinion about using updated foundations in order to take advantage of what the internet has to provide. This means, enforcing stricter PHP versions, updated server packages, etc. There is always push back from the community as a whole. The response is always around the lines of “What makes WP so great is the fact that you can run in on a lot of hosts (outdated ones)”. I would have to agree with this statement but it is 2016 (almost 2017) and some how it has become acceptable to run a website on EOL PHP versions and outdated servers.
Today I read a post by Matt Mullenweg that seemly suggests a middle ground finally. Whether he knows it or not, he has stepped on a lot of people’s ego’s in the development community. The post found at https://wordpress.org/news/2016/12/moving-toward-ssl/ states the hope for 2017 is to support addition features for those that use SSL. So what does this mean? Well, it means that one of the founders of WordPress has spoken and forced the idea of fragmented features. I am actually kind of curious on who all will change their stance when it comes to forcing requirements?
The middle ground has been establish. WordPress will soon give users more options when they use SSL. Matt mentioned “API authentication”. This by far is what should have happened a year ago when the REST API was put into the works.
Non the less, I am excited about the new changes that are coming to WordPress.