Yesterday on my personal blog, I wrote about WordPress 2.3.3 upgrade due to a security exploit, and one issue I wrote in the comment, is that there are just too many blogs out there installed by Fantastico and alike, that are never updated. They are often targeted by the hackers, employed by blackhat SEO, to inject hidden links into existing blogs. Matt from WordPress agrees:

I think you also have a good point that we need to put pressure on the hosts and Fantastico to take responsibility for the blogs that they set up and stay current with releases.

Then I received DreamHost‘s latest newsletter (January 2008), and in section 2 they introduced their new one-click install “easy mode”:

As dumbed-down as we already made our one-click installs, it seems, like politics, there’s always sufficient demand to make it even dumber.

Which is why we now have “easy mode” for our one-click installs, currently available only for WordPress and currently “BETA”:

When you do “easy mode”, you’ll be using a fully-hosted version of WordPress as opposed to getting files installed into your own web space.

This fully-hosted version WILL use your own MySQL database though, which you’ll have full control of. Although you can still pick from over 50 themes and enable some plugins we have installed, you won’t be able to customize the themes or install extra plugins.

However, you also won’t have to worry about managing your installation at all.. we’ll automatically handle all upgrades and it’s now on US to make sure your WordPress blog is always working and fast and correctly configured (so long as you don’t go mucking directly in your database)!

(In fact, “easy” WordPress one-clicks are ALREADY upgraded to 2.3.3!)

You still get the installation at any sub-domain of yours you’d like and of course there are no ads or anything of THAT ilk.

Also, “easy mode” is cool because ALL you do is pick a sub-domain and in less than 17 seconds you’re ready to blog!

Wow! What DreamHost has done is pretty much mimicking, an application hosting service that takes care of everything for its users! The service provider is responsible for updating all the software stack to ensure the service is always up to date and secure. Yes it is a locked-down platform and you cannot modify your theme files nor uploading any plugins (although there are already 50 themes installed), but sometimes you do have to trade flexibility for security.

Moreover, the database will be listed under your DreamHost control panel, and you are free to mysqldump and move it elsewhere later, which is something that you cannot do with You should probably also host the media files (images, videos, etc) on a different sub-domain inside your DreamHost account, to make later migration easier.

With all that excitement, I went up to my DreamHost account to check it out straight away. Under “Goodies” and “One Click Installs”, you can now find this:

DreamHost Easy Mode One Click Install

Choose a software (only WordPress is available at the moment), choose a sub-domain and hit “Install for me now!” and the software is installed! A few seconds later, I can already browse to that URL, and what presents in front of me is a standard WordPress installation page where you type in your blog’s name and admin’s email address, and your WordPres blog is up and running in no time.

All too easy.

These are the plugins installed:

WordPress runs very fast as well. All blogs created are CNAME’ed to, instead of on the server your websites normally are. They probably run PHP in FastCGI which is why you can’t edit theme files inside WordPress (due to different uid).

$ curl -I http://<my blog>
HTTP/1.1 200 OK
Date: Wed, 06 Feb 2008 23:48:45 GMT
Server: Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
X-Powered-By: PHP/4.4.8
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

Well done DreamHost!

Okay. Time for some disappointment. When I first logged into my shining new quick-installed WordPress blog, scrolled all the way to the bottom of the admin page, and this is what I saw…

WordPress 2.3.2

WordPress 2.3.2?! WTF?

Update: More issues:

  • Instead of WordPress-related websites and services, we have DreamHost blog/support/wiki/etc installed by default on the blogroll.
  • Can’t write to .htaccess which means no mod_rewrite, which means no clean URL.