One of the greatest benefits of being a part of the WordPress community – is the access to the hundreds of thousands of existing plugins. A site owner can easily go from a vanilla site to something with a lot of functionality in a matter of minutes. On the same note – having access to all these plugins can easily cause more harm than help. Example: I recently worked with someone who was having problems with upgrading their site to the latest version of WordPress. I figured this would be a 30 minute task. After logging in and seeing they had over 60 plugins – 40+ which required upgrades – the task quickly grew.
By keeping everything up to date is important – but I would also like to stress keeping a lean version of your site is equally important. If you need a certain custom functionality – take into consideration the server resources, time for updates/debugging, etc. versus what you really get from it. Debugging 1 plugin is manageable, debugging 10 plugins is a task, debugging 40 plugins is insanity. Also – if you decide that a plugin is just not working the way you expected – delete it and forget about. There is no reason you need to keep plugins that you do not need around. By keeping these files around – it also takes up valuable resources that could be better used elsewhere.
If you are looking for a fast and secure web site (who isn’t?) remember to keep it simple. Custom functionality is great – but don’t forget to think about the cost.
In the last week – I have updated a number of out of date WordPress sites for clients. Some were running WordPress before version 3 (which came out in June 2010 – over 2 years ago). Others were only a point release or two behind. Many clients are nervous about updates, while others want to update every six months. In reality – not keeping up to date should make you more nervous about updating your site and scheduled updates – while they sound nice – do not always work.
Thankfully the reason for all the recent updates were not because of any hacks – the important lesson here is that it is essential to update as soon as possible. Not only will your site be more secure but updating a point release at a time is a lot easier than updating a site from several versions back. Things change, code improves, other code depreciates. Updating your version of WordPress is a lot less painless when you do it often and regularly vs. in an emergency because of a hack.
While updating WordPress is essential – so is keeping up to date with plugins. I recently was brought in to assist with an upgrade which had an outdated version of WordPress along with over 40 plugins that were out of date. (Yes – 40). While most people often “do not want to rock the boat” with plugin updates – these updates are also essential. Plugins also contain security updates which are important.
If you are serious about your web presence – take some time to update WordPress and the plugins as the updates come out. If you are concerned that an update might break some custom functionality – create a backup first and then update. If anything goes wrong – you can always go back to what you had right before the update. If you do not want to worry about updates – consider moving to a WordPress host like WP Engine – who will take care of WordPress updates for you.
I took some time today to download the latest version of WordPress (2.5 beta 1) and decided this would be a perfect opportunity to switch to using subversion to manage my WordPress updates. Now that I am all switched over – updates will be much easier to manage.
My initial thoughts and opinions on WordPress 2.5:
- The upgrade was painless – 5 minutes.
- All my plugins worked except for my “Secure Admin” plugin – but that was out of date.
- My theme works fine – after I made some adjustments to some of my AJAX features that relied on an outdated version of Prototype.
- The new admin interface is well laid out for the most part. I am still not sure I am sold on the really light colors, but I will give it some time to grow on me.
- The admin interface is cleaner – it no longer shows artifacts like post and category ID which only a few of us use. (If you want to see the post ID or cat ID, just hover over the edit link next to these items and you can see it in the URL – thanks Demitrious)
- The post interface is much elongated due to the options that were once available in the right hand column (categories, password protect post, etc) are now below the post box instead of next to it. This is going to take some time to get used to.
- Overall – this is a big release and I look forward to working with the changes and enhancements.