Backwards Compatibility vs. Encouraging Better Security #48493
Replies: 1 comment 1 reply
This is probably best discussed on the make.wordpress.org/core blog.
As a member of the security team, I disagree with this characterization. The focus on backward compatibility is instead sending the message "don't worry about updating, WordPress will make every effort to ensure your site will continue to work after you update". This is but one of the reasons I have been advocating continuing to maintain backward compatibility. Failing to do so discourages users from updating.
When the security team dropped support for very old versions of WordPress, the upgrade notice in these versions was made more prominent to inform users their version of WordPress is no longer receiving security updates. I can't find it just now but somewhere on WordPress.org there is an API endpoint that lists which versions of WordPress are secure vs. insecure. In branches receiving security updates, the latest version is secure and the previous versions are not. For insecure versions, perhaps the upgrade notice could be made more prominent to indicate they ought to upgrade, either to the latest minor release of their branch or the latest major version of WordPress.
For fresh installs of WordPress, WordPress enables auto updates of major versions. For older installs, auto updates of minor versions are automatic. Edit: I found the API endpoint listing secure and insecure versions of WP. https://api.wordpress.org/core/stable-check/1.0/
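As an added example (not code from the discussion or from WordPress itself), here is a small checker that turns the stable-check list into the kind of upgrade advice the reply describes: the status of the installed version, the latest patch in its own branch, and the newest release overall. It assumes the endpoint returns a JSON object mapping version strings to "latest", "outdated" or "insecure"; the sample response below is constructed for illustration and its version numbers are invented.

```python
import json
import urllib.request
from typing import Dict, Optional, Tuple

STABLE_CHECK_URL = "https://api.wordpress.org/core/stable-check/1.0/"

# Constructed sample in the assumed shape of the endpoint's response.
# Values here are made up; only the shape matters for the example.
SAMPLE_STABLE_CHECK = json.dumps({
    "6.4.3": "latest",    # newest release, secure
    "6.4.2": "insecure",  # superseded within its branch
    "6.4.1": "insecure",
    "6.3.3": "outdated",  # latest of an older branch: secure but not newest
    "6.3.2": "insecure",
    "5.9.9": "outdated",
    "5.9.8": "insecure",
})


def fetch_stable_check(url: str = STABLE_CHECK_URL, timeout: int = 10) -> str:
    """Fetch the live list (network access); not used by the offline demo."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def parse_version(v: str) -> Tuple[int, ...]:
    return tuple(int(p) for p in v.split("."))


def branch_of(v: str) -> Tuple[int, int]:
    parts = parse_version(v)
    return (parts[0], parts[1])


def assess(installed: str, stable_check_json: str) -> Dict[str, Optional[str]]:
    """Classify an installed version and name the two upgrade targets
    the reply mentions: latest patch of its branch, and newest release."""
    table: Dict[str, str] = json.loads(stable_check_json)
    status = table.get(installed, "unknown")  # unlisted: treat as unsupported
    latest_overall = max(table, key=parse_version)
    same_branch = [v for v in table if branch_of(v) == branch_of(installed)]
    branch_latest = max(same_branch, key=parse_version) if same_branch else None
    if status == "latest":
        action = "none"
    elif status == "outdated":
        action = "update recommended"  # secure now, but branch is not current
    else:  # "insecure" or "unknown"
        action = "update required"
    return {"installed": installed, "status": status, "action": action,
            "branch_latest": branch_latest, "latest": latest_overall}
```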
The issue
One of the main areas of critique towards WordPress has always been security. The biggest cause of insecure WordPress sites has always been neglecting updates. WordPress is focussed HARD on backwards compatibility. That begs the question, should we be so focussed on backwards compatibility? We're basically saying "it's okay if you don't update, we'll make sure everything still works as long as possible".
A proposal
Wouldn't it be better to start giving the signal that it's a high risk to have your WordPress install out of date? I understand this has implications on a big scale, but I'm sure we could find solutions for them. Like only supporting the current major version (for a new theme that would be 6.x.x) and displaying a big notice a few months ahead of time before they have to update, or when support drops for the version of someone's install. This gives them time to take action.
Playing the devil's advocate
You could say this is the responsibility of the user, and it is, we should not force them to update, but we shouldn't encourage them not to update either. Not updating wouldn't only have security vulnerabilities, but would also break some things, which is perfectly fine. The security vulnerabilities already outweigh anything else breaking.
As WordPress, powering such a big percentage of the web, I think we should take some responsibility in this.