WordPress planning a forced remote upgrade rollout of old installs

Paul M

Limeade Addict
Joined
Jun 26, 2006
Messages
3,938
They are still giving you the choice,

The WordPress team plans to send emails to website administrators and show a stern warning in websites' dashboards before starting the auto-update process. These warnings will also include opt-out instructions, and will be shown/sent at least six weeks before a site is forcibly auto-updated
 

gConverter

Participant
Joined
May 7, 2016
Messages
76
I like it. It'll remove tons of garbage from web... Good for developers and good for people data safety.
 

LeadCrow

Apocalypse Admin
Joined
Jun 29, 2008
Messages
6,578
I wonder if one of the main reasons to do that isnt to forcefully obsolete specific technologies and massively boost the active market adoption of others like AMP overnight.

The security angle is pretty much the only way to promote such a move, but this also has the potential to break a huge number of websites. Unless WP coordinates with webhosts to make full backups of client accounts running wordpress installs before they proceed. Many might need to update their stack first too (phm 5.6 and earlier being EOL yet in widespread hse), which the WP devs cannot force.
 

R0binHood

Habitué
Joined
Nov 23, 2011
Messages
1,411
I think the idea is that if they're still running software that old and don't respond to any fair upgrade warning, the chances are they're abandoned or infrequently administered sites and need to be upgraded anyway. I guess they figure the collatoral damage of potentially taking some low trafficked sites offline with the upgrade outweighs the downside of having a potential mass of hacked Wordpress sites in the wild pointing users towards spam or creating botnets, which would also be even more damaging to the brand than the risk of wp hacking already is.
 

overcast

Adherent
Joined
Mar 17, 2019
Messages
487
I think many people are still on WordPress 3 and they need to be moved otherwise they will get hacked for sure.
 

Bluefish

Aspirant
Joined
Jul 7, 2019
Messages
15
I have a client that's on an outdated and unsupported template using the latest version of wordpress it will stand without breaking, which is about 6 versions old now. The shared server this client is on is running an outdated version of php that the latest version of wordpress doesn't support and for some lazy reason the host won't upgrade. I just sent the client the link above saying it's just a matter of time now and time is running out. I feel like the lawyer that tells his client, "I can make a little money doing your will now, or you can ignore it and I can make a whole lotta money fixing the mess you'll leave without one."
 

R0binHood

Habitué
Joined
Nov 23, 2011
Messages
1,411
I have a client that had a custom WP theme built back in 2011. Miraculously it's lasted every core update since then with zero compatibility changes required. Even after upgrading to PHP7.3

The only changes have been related to 3rd party add on integrations such as lightboxes and contact forms, which I think required one major upgrade sesh over a day, a couple of years ago. It required sourcing some replacement plugins to maintain functionality lost from abandoned ones. It wasn't as tough as I thought it would be though thanks to the incredibly plugin ecosystem and installer. It didn't take long to find easy to install up to date plugins to replace the old ones.

It looks a tad dated now as the theme's not been updated in 8 years, but not horrific compared to some stuff I see half that age, and it's chugging along nicely with the latest version of WP and WordFence to keep an eye on things.
 

eva2000

Habitué
Joined
Jan 11, 2004
Messages
1,779
I think many people are still on WordPress 3 and they need to be moved otherwise they will get hacked for sure.
the other side is if they're already hacked/comprimised, then force updating may not help make it any more secure !
 

overcast

Adherent
Joined
Mar 17, 2019
Messages
487
That is a good point..In such case they just have to either remove those files manually or have a clean install.
 
Top