Aug 23, 2019

The WordPress team plans to forcibly update old websites, totaling roughly 3% of the entire internet

The WordPress team will soon begin forcibly updating outdated WordPress installations. Through a tiered forced auto-update process, WordPress will update batches of sites one version at a time, carefully incrementing the version number for every site until each is up to date (WordPress v4.7). If a site breaks during the update process, as a result of incompatible plugins or themes, WordPress will rollback the update and send an email to the site administrator outlining the consequences of not updating, which the administrator will then need to do manually.

WordPress installations account for an astounding 37% of all internet websites. Sites running versions 3.7 to 4.7 account for 11.7% of all WordPress sites, or about 3% of all internet sites. Auto-updating capabilities were added in WordPress v3.7; any website using a lower version number will remain at its current version, meaning that roughly 1% of WordPress installations will likely be forever irreparable.

WordPress originally planned to update all sites to v4.7 in a single monster update process, without incrementing through intermediate versions, but developers feared a sizeable chunk of the internet would be taken down in one fell swoop. Through the updated plan, if WordPress notices that many sites break during its incremental process, the plan can be halted altogether without destroying the entire ecosystem.

Over the past few years, WordPress developers have been backporting security patches to earlier versions, but as the platform progresses and PHP evolves, backporting becomes increasingly tedious and cumbersome. To make matters worse, older versions of WordPress are notorious attack vectors for hackers, so leaving them unpatched is not an option.

Forcibly updating WordPress is important for accelerating development and resetting its controversial security reputation. Today, WordPress is the engine of the internet that continues to chug along, growing steadily from 13% of all websites in 2011 to 32% in 2018, even as the internet itself has rapidly expanded. Developers often praise its vibrant ecosystem and usability. Even so, WordPress is under siege from paradigm shifts in software development: PHP is falling out of favor and static web pages using decoupled architectures are on the rise. Forced updates are the first steps in a great modernization effort, but WordPress faces an uphill battle in maintaining its dominance.

Want to get more of these in your inbox?

Subscribe for weekly updates from the Software team.