Date:June 11, 2026
WordPress work touches more people than clients usually see. When a site has a problem, the developer is rarely the only person who needs the full picture. The project manager has to coordinate with the client. Customer care may be the first to hear that something is wrong. DevOps may need to check what is happening underneath.
When the same topic comes up in different parts of a conference programme, different people notice different things. That is how the work actually functions, and it is why bringing a mixed team makes more sense than sending one person to report back.
Before WCEU started, we had a day together without laptops. We walked through Kraków with a guide, saw more of the city’s history, took buggy rides through the old streets, had lunch that ran longer than planned, and ended up playing VR games. It was a good way to start before everyone split into talks, workshops, and meetings.
Why development is only part of the picture
Several sessions this year dealt with topics that sound technical on the surface but are really about who is responsible when technical decisions turn into client problems.
Security showed that most directly. Research presented at the conference tested multiple managed WordPress hosting providers against known vulnerabilities and found that a significant majority failed to block the attacks. The time to exploit was reported in hours. I have had versions of this conversation with clients many times. Someone chooses a hosting provider based on what the sales page says and assumes the security is handled. The reality is usually more complicated. Branimir, who manages our infrastructure, and Jesper, who is typically the first person a client calls when something is wrong, heard that session from different positions. Both reactions matter, and both are part of what Webnorth has to think about.
A related session covered NIS2 incident reporting from a small agency perspective. The timeline is what makes it important. If a client who falls under NIS2 is affected by a security incident, the reporting requirements start immediately, and agencies that service those clients are pulled into that process. We are reviewing our incident response documentation as a result.
The WordPress 7.0 panel helped our tech leads and senior developers understand where plugin permissions, AI integration, and core architecture are heading. Several core contributors walked through the release from the inside, including the decisions and tradeoffs involved. For an agency writing custom plugins and advising clients on platform choices, it is better to understand those changes early than to react once clients start asking about them.
WordPress as infrastructure
One of the things WCEU is consistently useful for is hearing how organisations outside the traditional WordPress world are using the platform. CERN presented their decision to migrate hundreds of websites onto a centrally governed WordPress platform, and the reasons they gave were about maintainability, governance, and a clean separation between infrastructure control and content ownership. Those are engineering arguments, and they match the conversation we have with clients who treat WordPress as a lightweight option rather than a serious platform for governed, long-term digital platforms. That conversation comes up more than it probably should, and external references like this are useful when it does.
The work we need to make more visible
Vassilena Valchanova gave a talk on the distance between doing strong work and being known for it by people trying to hire you. Her argument is that clients often cannot distinguish between some agencies doing serious work and others doing much lighter work, and that closing that gap is the agency’s responsibility.
I do not think Webnorth has been visible enough publicly about the level of work we do. We have clients who have been with us for years, and projects with real technical depth across custom development, WooCommerce, multisite, performance, security, and long-term platform ownership.
That is also why we have been working more seriously on our cases. They give us a better way to show the thinking behind the work: the technical choices we made, the problems we solved, and why those decisions mattered for the client.
The follow-up from that talk is a clearer idea of what we should be writing: more technical reasoning, more specific opinions about the decisions we make for clients, and fewer broad claims that could belong to any WordPress agency.
Related to that, a session by Alain Schlesser covered what it takes for a WordPress site to be read and cited properly by AI systems, meaning the tools people now use to find and verify information. That means looking at structured data, robots.txt configuration, and how content is organised. If we are responsible for maintaining a client platform, we need to understand whether that platform is structured in a way those tools can actually use. That affects what we check in audits and what we recommend to clients about content decisions. It already belongs in audits, content planning, and technical maintenance.
A Danish WordPress conversation worth continuing
The Danish group at WCEU is small enough that people actually talk properly, and large enough that those conversations can lead to something concrete. This year, several of them turned toward one specific gap: there is no regular WordPress meetup in Copenhagen, and there should be.
I spoke with people from the Danish WordPress community about what it would take to get more activity around WordPress in Denmark. There are agencies, freelancers, developers, editors, project managers, marketers, and companies running large WordPress platforms here. Many of them would benefit from a local place to meet, exchange experience, ask practical questions, and talk about the work behind real WordPress projects.
We are still talking about it, and we want it to happen. There is no reason all of that energy should only exist at international events.
A lot also happened between sessions and after the official programme. I was rarely in one place for long, which the team probably noticed. There was always another introduction, another agency discussion, or someone I wanted to catch up with.
Those talks connected directly to questions we work with every day: how agencies grow without losing technical quality, how partnerships create value for clients, how regulated organisations think about WordPress, and how specialised companies build trust. The afterparty carried some of that into a less formal setting, where people spoke more openly about agency work, clients, partnerships, and what they are trying to build.
What needs to happen now
Internally, we need to compare notes properly and update how we handle hosting assumptions, incident response, plugin standards, and technical risk before something breaks. Some of that belongs in documentation. Some of it should shape the conversations we have during scoping and review.
Externally, we need to publish more of the reasoning behind our work, especially through the cases we are already working on.
The Copenhagen meetup conversation should not disappear now that everyone is back at their desks. If you work with WordPress in Denmark and want to be part of that, reach out.
