Robert Abela is the CEO and founder of WP White Security, a European based company which develops WordPress security plugins. They also blog about all things related to WordPress security.
You can find Robert on Twitter and LinkedIn. This is our recent interview with him, as part of our Kinsta Kingpin series.
Q1: What is your background, & how did you first get involved with WordPress?
In 2013 I was a product manager at a security software company, and we needed a blog for our website to share our research findings. After reviewing a few solutions, we chose WordPress. As a security software company, we were also interested in the security side of WordPress and were quite surprised by how much of an easy target WordPress was back then. We had developed an online security service for WordPress ourselves, but it never really took off.
When we started using WordPress, I also started following the WordPress community and was surprised by the number of people making a living from WordPress. I decided to go solo and start offering WordPress security services – I started cleaning hacked websites and doing security hardening. While freelancing I needed an activity log solution for WordPress, so I began developing WP Security Audit Log. The rest is history.
Q2: What should readers know about all the stuff you’re doing in WordPress these days?
I have a WordPress security blog, where I and a few others write about security, mostly focusing on WordPress security. I also run a team of people, and we develop a few plugins.
Our flagship product is WP Security Audit Log, a WordPress activity log plugin. It allows WordPress site and multisite network owners to keep a comprehensive log of what is happening on their sites. Lately, we released an extension for it called Activity Log for MainWP, which allows MainWP users to view the activity log of all the child websites on their network in one central place, the MainWP dashboard. It also keeps a log of changes that happen on the MainWP network.
WordPress track user activity
We also develop a plugin called Password Policy Manager for WordPress. With this plugin, site administrators can configure policies to enforce strong WordPress passwords. I got the idea for this plugin when I read some statistics on how many people use weak passwords, even though WordPress recommends strong passwords.
Password Policy Manager for WordPress plugin
We are developing a few other plugins which should be available in 2019. Our focus will always be plugins with a particular role, giving an alternative to the users who don’t like all-in-one kind of plugins.
Q3: What challenges did you face in building your business?
Before starting the plugin project, my experience was in QA, systems engineering, research, product and project management. So I can read and write code, and done quite a bit of scripting, but I am not a developer.
However, I did develop the prototype of the WP Security Audit Log plugin! Still, I needed a developer to help me develop it further. So I spent five years doing consultancy and other work, to pay developers. To make things worse, I couldn’t find a developer that would commit to the project, because the plugin wasn’t big enough and back then couldn’t guarantee a specific number of working hours per month. So during the first three years, I was switching developers quite often.
However as the plugin grew and needed more man-hours, I was able to find people to work with on a long term basis. Still, it’s never easy finding good developers!
'It's not always easy finding good WordPress developers. 💻' - @robertabela
Click to Tweet
Q4: Has anything surprised you while coming up in the WordPress world?
The openness and friendliness of the people in the WordPress community surprised me. I worked for 13 years in the corporate non-WordPress world, and it was so different. You do not see employees of competing businesses mingling together, and everything is a secret.
The WordPress community is the opposite – the majority of vendors are willing to help and share ideas. Many publish their end of year report and are quite happy to share the details of what worked for them or not. So if you are starting or already have a business, you will find a lot of information and tips on how to build a successful business.
Q5: What does the future look like for you in the WordPress world?
We are focusing on the long term game plan. Over the next few years we want to:
Make WP Security Audit Log easier to use: The plugin is a very comprehensive activity log solution plugin so sometimes it can be an overwhelming solution for the non-technical users. So we are improving both the user interface and user experience in the plugin. We’ve already released some updates that address this, but we are just getting started.
Expand support for third-party plugins: As of today, the WP Security Audit Log plugin keeps a detailed activity log for WooCommerce products and store changes, Yoast SEO plugin settings and post SEO changes, bbPress, and several others. Moving forward we’d like to allocate more resources and work closely with other plugin developers to support many more plugins.
Develop more WordPress plugins: I have several ideas for more WordPress plugins so over the next few years we will be (hopefully) releasing more plugins. The aim is to have a collection of WordPress plugins that address specific niches.
Q6: What do you look for in a WordPress host?
All of my websites started as a hobby, so at that stage, the price was the most important factor. However, as the sites began to grow and generate revenue, the price remained a factor, but it wasn’t everything. Here are some of the things I look for in a web host for my business WordPress sites:
Excellent customer support: for me, this is the most important by far. Things can and will go wrong, and there will be cases where the website or server is unreachable. Customer support personnel are the people who can save the day in such cases, so they need to be responsive and also well informed to be able to help you get the website back up within the shortest possible time.
Reliable and solid infrastructure: these two go hand in hand. Reliability is achieved with a solid infrastructure. The best way to find out on how reliable a web host is by reading reviews and by asking their sales team for information, maybe even a reference from one of their big customers.
Performance: a really important factor for a fast website. Some web hosts nowadays offer customized caching and CDN solutions, which are crucial for busy sites.
Cost: A web host is not something you change every month, so I also look for web hosts who have long term plans. For example, you get a discount when you pay for a year in advance.
Q7: What do you enjoy doing when you’re away from your laptop?
I really like the outdoors, so whenever I can, I’m either running, hiking or mountain biking. I have also competed in a few enduro races.
Robert Abela biking
Q8: Whom should we interview next & why?
I’ve met quite a lot of interesting people in the WordPress community. But if I had to recommend someone, I would suggest interviewing Akshat Choudhary. I met him at the first WordCamp Europe in Leiden. He started BlogVault, an online WordPress backup service, and Malcare, a WordPress security service in an already crowded market, yet he succeeded. So I am sure he has some interesting insights on the challenge in which he has embarked.
If you enjoyed this article, then you'll love Kinsta’s WordPress hosting platform. Turbocharge your website and get 24/7 support from our veteran WordPress team. Our Google Cloud powered infrastructure focuses on auto-scaling, performance, and security. Let us show you the Kinsta difference! Check out our plans
Thanks, we've saved your settings, you can modify them any time on the cookie settings page
These cookies are needed for our website to function providing payment gateway security and other essentials. Therefore they are always on but they do not contain personally identifiable information (PII).
If you've set preferences (which cookies you accept and which you don't) we store your preferences here to make sure we don't load anything that you didn't agree to.
WordPress sets a couple of cookies that track logged in users and store user preferences set in their WordPress user profile. These are set for members of the Kinsta website only - members of our staff.
Stripe is our payment provider and they may set some cookies to help them with fraud prevention and other issues. This is required for our payments to work.
This cookie contains information about the affiliate who refered a visitor. The cookie contains no information about the visitor whatsoever.
Analytics help us deliver better content to our audience. We have made sure no personally identifiable information (PII) is sent by anonymizing IPs.
Set and used by Google. It allows us to A/B test our content to make sure we're providing visitors with what they need most.
If you sign up for our newsletter we'll remove the newsletter subscription box for you. This cookie has not personal data it just indicates if you have signed up.
Marketing cookies help us target our ads better. We mainly use them to target ads to users who have visited Kinsta.
Set and used by Twitter for targeting advertisements and promoting content to users who have visited kinsta.com.
Set and used by Facebook for targeting advertisements and promoting content to users who have visited kinsta.com.
Set and used by Google Ads for remarketing, personalization, and targeting advertisements to users who have visited kinsta.com. (Google Ads Settings)
Set and used by HubSpot to improve our website and provide more personalized services to users who have visited kinsta.com.