WordPress questions, part 2

I have largely bent WordPress to my will. I couldn't get the built-in LiveJournal importer to do anything other than sit there for an hour and then say "XML-RPC Request Failed", so I hacked my ljgrabber script to download my entire LJ plus comments and emit a "WordPress Extended RSS" file, which I was able to import.

Check it out: woo.

I haven't enabled commenting there yet because I'm still tweaking things, but poke around and let me know if you see anything broken. Suggestions on how to make it look better or be more usable are welcome.

I guess I'm gonna have to convert all my "previously" links to point here instead of to LJ by diddling the database directly, sigh...

Questions:

  • I understand that using WordPress and/or its plugins means living in a world where you have to upgrade everything constantly. WP has plugin installation and upgrading built in, but -- WTF? -- it wants me to give it an FTP password to do so? (FTP still exists??) But this makes no sense at all: the WP install running on host X wants to download a file and then install it on host X by running FTP from host X, to host X? What am I missing? In what way is that not completely insane?

    So to install things I end up having to download and unzip them manually, and that's annoying. Why can't WP do this for me?

  • What comment-related plugins should I install to make it so that people can log in with Facebook and OpenID and stuff? I don't think I want to allow people to comment unless their email address has been validated by somebody, to avoid the usual drive-by shitcockery. (I've installed Akismet, but that's just a spam catcher.)

  • Should I look for a plugin for crossposting to Facebook and Twitter (and LJ, eventually), or just write my own?

  • There seem to be 30 different plugins to do any given thing (e.g., FB "Like" buttons). What's a good strategy for figuring out which ones are not gaping security holes?

  • Likewise, what plugins do you find useful?

Previously.

Tags: , ,