WordPress planning a forced remote upgrade rollout of old installs

Discussion in 'Wordpress' started by R0binHood, Aug 10, 2019.

  1. R0binHood

    R0binHood Habitué

    1,222
    432
    +951
    • Informative! Informative! x 2
    • List
  2. eva2000

    eva2000 Habitué

    1,716
    857
    +789
    wow that is going to be fun and interesting to see play out !
     
  3. Paul M

    Paul M Limeade Addict

    3,784
    1,627
    +2,203
    They are still giving you the choice,

     
  4. gConverter

    gConverter Participant

    64
    13
    +46
    I like it. It'll remove tons of garbage from web... Good for developers and good for people data safety.
     
  5. LeadCrow

    LeadCrow Apocalypse Admin

    6,383
    1,232
    +2,154
    I wonder if one of the main reasons to do that isnt to forcefully obsolete specific technologies and massively boost the active market adoption of others like AMP overnight.

    The security angle is pretty much the only way to promote such a move, but this also has the potential to break a huge number of websites. Unless WP coordinates with webhosts to make full backups of client accounts running wordpress installs before they proceed. Many might need to update their stack first too (phm 5.6 and earlier being EOL yet in widespread hse), which the WP devs cannot force.
     
  6. R0binHood

    R0binHood Habitué

    1,222
    432
    +951
    I think the idea is that if they're still running software that old and don't respond to any fair upgrade warning, the chances are they're abandoned or infrequently administered sites and need to be upgraded anyway. I guess they figure the collatoral damage of potentially taking some low trafficked sites offline with the upgrade outweighs the downside of having a potential mass of hacked Wordpress sites in the wild pointing users towards spam or creating botnets, which would also be even more damaging to the brand than the risk of wp hacking already is.
     
  7. overcast

    overcast Enthusiast

    196
    23
    +37
    I think many people are still on WordPress 3 and they need to be moved otherwise they will get hacked for sure.
     
  8. Bluefish

    Bluefish Aspirant

    14
    8
    +13
    I have a client that's on an outdated and unsupported template using the latest version of wordpress it will stand without breaking, which is about 6 versions old now. The shared server this client is on is running an outdated version of php that the latest version of wordpress doesn't support and for some lazy reason the host won't upgrade. I just sent the client the link above saying it's just a matter of time now and time is running out. I feel like the lawyer that tells his client, "I can make a little money doing your will now, or you can ignore it and I can make a whole lotta money fixing the mess you'll leave without one."
     
  9. R0binHood

    R0binHood Habitué

    1,222
    432
    +951
    I have a client that had a custom WP theme built back in 2011. Miraculously it's lasted every core update since then with zero compatibility changes required. Even after upgrading to PHP7.3

    The only changes have been related to 3rd party add on integrations such as lightboxes and contact forms, which I think required one major upgrade sesh over a day, a couple of years ago. It required sourcing some replacement plugins to maintain functionality lost from abandoned ones. It wasn't as tough as I thought it would be though thanks to the incredibly plugin ecosystem and installer. It didn't take long to find easy to install up to date plugins to replace the old ones.

    It looks a tad dated now as the theme's not been updated in 8 years, but not horrific compared to some stuff I see half that age, and it's chugging along nicely with the latest version of WP and WordFence to keep an eye on things.
     
  10. eva2000

    eva2000 Habitué

    1,716
    857
    +789
    the other side is if they're already hacked/comprimised, then force updating may not help make it any more secure !
     
  11. overcast

    overcast Enthusiast

    196
    23
    +37
    That is a good point..In such case they just have to either remove those files manually or have a clean install.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.