: How do you manage extensions and upgrading the code? If you use something like wordpress, and you need to upgrade because of some new security threats, some of your addons and extensions will
If you use something like wordpress, and you need to upgrade because of some new security threats, some of your addons and extensions will not work.
So if you don't upgrade, you'll face security issues, and if you do half of your plugins will not work.
I know some people who have abandoned products like wordpress, or magento, and joomla.
What's the right way of dealing with this issue? Is there a solution?
More posts by @Dunderdale272
2 Comments
Sorted by latest first Latest Oldest Best
Security exploits usually result in a security update. Generally speaking, these fix only the security problem(s) and include no new features that might break existing functionality unless somehow directly related to the exploit.
So if anything breaks as a result of a security update, then in theory it's because it would have exposed the system to the exploit being fixed in the first place and you'd want to also update the relevant plugin/template/whatever at the same time. In theory(again) the people responsible for that plugin either pay attention to such things or have been notified and will have fixed their code accordingly, in concert with the core application so that your upgrade goes smoothly.
If not, that's why you should have a development/test server, as Anonymous pointed out, so that you can test these things before pushing them live. If things like uptime are important to you, you should be doing this for any update to your sites anyway.
Worst case scenario, if the project for whatever reason doesn't do a security-only upgrade, you might end up needing to figure out what in the release deals with just the exploit and do some degree of manual patching or whatever, but this is relatively uncommon. (Again, your vagueness makes this hard to address.)
There are several ways these problems might arise and several ways they should be dealt with.
If there is a severe security vulnerability with a piece of software that requires immediate upgrade:
Upgrade the software immediately, if any addons/plugins/extensions break, you simply disable them. Security is usually key - after all a vulnerability might expose your site to a hacker bringing it down altogether. What's worse, a slightly broken site due to plugins or a completely broken site due to a take-down.
If a new version of software with new features is released:
Upgrade the software on your development server (don't have one? Get one). Iron out any issues before pushing your development version of the site live.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.