ArtsHacker’s Guide To Combating Post Net Neutrality Slowdowns: Stability and Security


By: Drew McManus

While open source publishing platforms (WordPress, Drupal, Joomla, etc.) are loaded with positives, one of the growing challenges is making sure the combination of themes and plugins function as designed without conflicts following updates.

If you think you can avoid the problem by simply ignoring updates, think again. They often include critical security updates that protect your site from hackers looking to exploit potential vulnerabilities.

More often, updates include improvements and new features that keep your site running optimally across all device types and browsers as well as making sure you can leverage the latest programming standards.

Since WordPress is the most widely used open source publishing platform, the bulk of this article will focus on that specific environment. If you use a different platform, know that all the basic concepts are similar, but you’ll want to consult with their respective documentation for specific steps.

[box type=”alert” icon=”none”]AN IMPORTANT DISCLAIMER: implementing theme, plugin, and core publishing platform updates can trigger conflicts that will prevent features and functionality from operating properly or even critical site failure. You can go from running fine to all mucked up in no time at all. Be sure to make a backup of your site files and the database before following any of these instructions. Better still, practice on a staging or sandbox environment before implementing on your live site. If anything goes awry, that’s on you.[/box]

1. Self-Managed Vs. Third Party Support

The vast majority of you will fall into one of two scenarios when it comes to maintaining themes and plugins:

  1. You’re self-managed which means you’re responsible for implementing all these related tasks directly.
  2. You have a third-party provider doing all of this for you.

Even if you fall into the latter group, you’ll want to review this content and contact your provider to make sure updates are being applied and whether they are following these recommendations.

2. Keeping Themes And Plugins Updated

WordPress makes the actual update process as easy as possible by telling you when updates are available.

  1. You’ll see a notification icon next to the Theme and Plugins admin menu items and there’s also a notification section in the top admin bar.
  2. You can manually check for updates by visiting the Dashboard>Updates admin panel and selecting the “Check Again” button.
    Tip: if you have a multisite network version of WordPress, there’s an additional admin panel for pushing updates across each install available in the Dashboard>Upgrade Network admin menu item.

Implementing updates is point and click straightforward, select the items you want to update, then select the respective update button.

2.1 Read The Update Notes!

  1. Next to each available update, you’ll see a View Version link. You absolutely, positively want to select this and take the time to read the complete update notes. They usually appear in changelog form, which is a bullet point list of new features, bug fixes, and if anything has been removed.

The changelog is your first line of defense when identifying any potential pain points. Having said that, changelogs and update notes are only as good as the people creating them.

Some developers provide meticulously crafted notes and highlight major updates while others provide little information. There are no requirements on how much info a developer must provide so forewarned is forearmed.

2.2 Pros and Cons of Automatic Updates

More and more, theme and plugin developers are offering options for rolling out automatic updates. This is a real time saver, especially when you discover how often updates roll out. But like most tools, it has pros and cons.

Auto-updates save time but they can trigger conflicts without you even knowing about it until it’s too late. You won’t receive any advance notification when updates roll out. As such, it’s a good idea to limit auto-updates to developers that have a good track record of not breaking things and are quick to reply to support requests if problems do arise.

2.3 Patience Is Still A Virtue

If an update doesn’t contain a critical security patch, you’re almost always better off waiting a day or two to roll them out. Code comes from humans and humans make mistakes. It isn’t unheard of to have an update contain an unexpected bug or trigger a conflict with another commonly used plugin or theme that the developer couldn’t anticipate.

When this does happen, good developers will push out a second update within 24 hours.

Sitting back and playing it cool will help you avoid getting snarled in any inadvertent update bugs.

2.4 Keeping Core WordPress Updated

In addition to your theme and plugins, you’ll notice WordPress updates. These are almost always a bigger deal because this is the code foundation your website house is built on. Changes here can trigger conflicts on one or even all your themes/plugins.

Major releases almost always contain some element that requires theme and plugin developers to play catch up. At the time this article was written, WordPress was approaching their BIG “Gutenberg” update release. In a nutshell, this is the most substantial change to the way WordPress functions in the last two years and it is widely anticipated that a number of themes and plugins will break once the update is rolled out.

It’s common for good hosting providers to roll out core WordPress updates automatically, especially any that contain critical security patches.  As such, you’ll want to see if your host provides a notification opt-in to let you know when this happens. Even a few hours head’s up can make the difference between big pain points and smooth sailing.

2.5 The Best Solution: Use A Sandbox or Staging Environment

It’s common for quality hosts to provide what’s known as a staging or sandbox environment. This will be a clone of your live site, but in a place that isn’t publicly accessible. It allows you to roll out updates and identify any pain points without impacting your live site.

I can’t count the number of times a staging environment has saved my bacon. They are so valuable, it’s worth considering the hassle of migrating hosts if your current host doesn’t provide them.

Resource Tip: be sure to check out The Pros And Cons Of WordPress Plugin Updates, written by master programmer Aaron Overton. It provides even more details about many of the items above.

The Pros And Cons Of WordPress Plugin Updates

3. Properly Implementing Theme and Plugin Trials

Theme and plugin trials are like updates in that they can trigger conflicts or critical errors. But instead of updating existing files, your activating something new.

This is absolutely something that should be done on a staging environment.

This will also provide the ability to track down conflicts by manually deactivating plugins one by one then checking to see if the errors persist. If they go away after a deactivation, you just found the culprit.

  1. Navigate to the Plugins admin panel
  2. Select a plugin’s Deactivate link then return to the frontend, reload, and see if the error persists.

Having said that, problems are sometimes the result of combinations of plugins not getting along. In those instances, you’ll need to take things up a notch and learn how to use Chrome’s Inspector to identify conflicts (that’s something we’ll learn in a future article).

Developing a confident process of testing new themes and plugins along with rolling out updates on a staging site is one of the most effective tools to help keep your site optimized and running as fast as possible.

To that end, part of your regular testing process should include running page load speed tests before and after updates are rolled out.

4. Conclusions

In the end, this is all about creating good habits. If this is all new to you, don’t be surprised if it seems like a lot of work at first.

The good news is this is absolutely something that goes much faster after you’ve done it a few times. And once the post net neutrality landscape becomes clearer, you can bet that developers are going to be far more mindful of optimizing their code to adjust accordingly.

All this means you can anticipate update releases to be quicker than current cycles.

Drew McManus
Drew McManus
In addition to my consulting business, I'm also the Principal of Venture Industries Online but don’t let that title fool you into thinking I'm just a tech geek. I bring 20+ years of global broad-based arts consulting experience to the table to help clients break the cycle of choosing one-size-fits-none solutions and instead, deliver options allowing them to get ahead of the tech curve instead of trying to catch up by going slower. With the vision of legacy support strategy and the delights of creative insights, my mission is to deliver a sophisticated next generation technology designed especially for the field of performing arts. The first step in that journey began in 2010 when The Venture Platform was released, a purpose-designed managed website development solution designed especially for arts organizations and artists. For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, lead a team of intrepid arts pros to hack the arts, lead an arts business incubator, and love a good coffee drink.
Author Archive

2 thoughts on “ArtsHacker’s Guide To Combating Post Net Neutrality Slowdowns: Stability and Security”

  1. I am going through this right now with one of our B2B customer portals: updating a Typo3 (open source, quite common in Europe) installation from v6 to v7. We have an external provider who charges a 5 figure sum – as a fixed price. He his way beyong unhappy as are we: the whole thing is going on for more then 4 months now – and we haven’t really started testing. Would he charge us by the hour we would have been better off starting from scratch, maybe with Wordpress … Customer will hopefully not experience any problems, there a few bug fixes, but other then that: no added value this side of the security patches.
    Expensive, cumbersome, time consuming.

    • I feel your pain! The recent NTEN session Ceci Dadisman and I did on RFPs had a big section about just how much update maintenance contributes to Legacy costs. This item needs far more weight than it usually deserves when determining which publishing platform to use along with the combination of plugins.

      Too many providers are happy to slap any combo of plugins into a site so long as they deliver the feature/functionality clients want without really informing them about potential legacy costs to maintain.

      At least half of the new Venture Platform users each year are coming from situations where they reached the point you mentioned vis-a-vis it costing less to simply rebuild with better foresight than attempt to fix what’s in place.


Leave a Comment