Beware of geeks bearing gifts.

2 minute read

Recent events in the Wordpress ecosystem highlight a risk carried by many businesses

JFD BLOG GEEK GIFT IMAGE 1980px X900px WP 2

The majority of the internet is written in code that is shared in one way or another. It is an acceptable approach for many businesses, as the cost of writing something from scratch is significantly higher than reusing tried and tested (and publically shared) code. However, there is a hidden risk that is often obscured in the production of a website, which can pose a considerable risk for companies running their businesses online.

WP Engine is a popular hosting and plug-in service for Wordpress. Not only hosting websites but also developing and supplying plug-ins which are distributed to thousands of Wordpress sites, many of which use their plug-ins to run business critical services such as shops and membership areas.

Look the gift horse in the mouth

Unfortunately, WP Engine and Wordpress.org had a major falling-out which resulted in Wordpress.org blocking WP Engine users from updating their sites. For some business owners, this would be an incovenience at worst, but for many it would put their entire business at risk. With no security updates to installed plug-ins, websites may be exposed to malicious attacks, or have their operations grind to a halt.

Many developers will open their websites up to third-party plug-ins and build businesses around code they cannot control. If the risk is small e.g. "my sitemap xml is broken", then it may be acceptable. If the risk is "my business will stop running", then due diligence should be taken before tying a client's website and business to an unknown third-party developer. Plugin-in developers may be large corporate entities (like WPEngine), with support and service level agreements in place, but sometimes this may be a hobbyist, and that hobbyist might not even be in the same timezone.

Furthermore, there can be a tendency with developers to bundle multiple plug-ins into a single website. At this point, the website is exposed to many points of failure, with many, disconnected developers all contibuting to the success (or failure) of the website. 

The short support chain

The supply of support when building, hosting and maintaining a website is key to its longevity. The fewer people who have access to your website (by virtue of third-party plugins), the fewer points of failure you will have. Fewer points of failure, is ostensibly linked with security and reliability, given that even a single bad plug-in can reduce a website to a mess. 

We have seen many sites running business critical services, polluted with 3rd party code that the original developers have little or no control over. At jfd, our content-managed sites are built with CraftCMS using a very specific and limited set of plugins from developers who are Craft Partners. For anything else, and especially projects that are business-critical, your website is only touched by the jfd team.

 

 

 


Contact: Pete Jones

Our Services.

  • Digital

Blog.

All blogs
MOTION GRAPHICS BLOG 1980px X900px 144dpi 1

Making the most of motion graphics.

3 minute read

Concept Design Storyboarding Illustration Animation Scripting Production Sound Production

For any piece of communication, grabbing the attention and delivering a clear message is critical. No ‘reason to read’ equals no opportunity to effect change.

JFD JAGUAR BLOG HEADER IMAGE 1980px X900px

Love it or loathe it, it’s difficult to ignore it: the Jaguar rebrand.

2 minute read

Brand Identity

Unless you’ve been living in a cave (with no wi-fi signal), you can’t have missed the Jaguar rebrand and, shall we say, the kerfuffle and controversy it’s caused.

JFD Blog MAPS IMAGE 1980px X900px WP V1

Geographic mapping in the modern era.

1 minute read

Digital Digital Design

For over 5,000 years, cartography and mapmaking have been essential tools in human history. From ancient maps to today’s advanced technologies, we have used geography to deepen our understanding of the world for exploration, strategy, and planning purposes.