I lately needed to focus on a task in which the previous developer modified the wordpress-admin directory. It appears like an awful idea in my experience, since Wordpress is continually up-to-date. Shall We Be Held simply not at this degree of expertise with modifying Wordpress?

Being free, I believe it is a common factor for software like WordPress to become modified and extended at any time.

To change or otherwise to change is really a choice between trade-offs. Additional features could be exemplified as modules, which might, possibly, cause their functionality to become less integrated than preferred. However, fully integrating changes may hinder easily upgrading the program as new versions are launched.

It will require that somebody be very acquainted with the program to change the program directly, but this is not always an awful idea.

On the side note, I believe modifying WordPress is nearly essential, particularly if you would like it to possess a decent architecture in order to really be secure (ok, which was a jab, sue me).

Well, it's a bad idea only for the reason that this means after you are accountable for maintaining an interior defacto fork ... each time WordPress releases an update, you need to perform a three-way diff to merge your changes in to the new "real" WordPress. (Three-way diff means you perform a diff involving the fork from the old version and also the standard old version to construct an area set, then apply that patch set towards the latest version.) It's also wise to be utilising a VCS you to ultimately stay sane.

Discover as much as this then you definitely aren't as much as it, there is nothing wrong with following a Hug principle and never mucking in the application code.

If you're able to write a wordpress plugin that does exactly the same factor and will it just like effectively, then you want to do that so it's not necessary to keep your own fork.

However, you will find several things WordPress is terrible at (efficiency, security) that you could ameliorate (sometimes with little work, simply by crippling code you do not need) only by hacking the applying code. WordPress is dirty legacy spaghetti code initially compiled by individuals with virtually zero understanding of software or database design, also it does lots of greatly stupid such things as querying the database on every request to determine how it is own siteurl is, if this never changes -- there is nothing wrong with taking a few minutes to alter 2 lines of code therefore it does not do that anymore.

I labored as tech add a then-top-20 Technorati-rated blog and did lots of try to scale WordPress on one server after which onto a cluster (with separate servers for admin versus. public access). We'd upstream reverse proxies (i.e. Varnish or Squid) serving as HTTP accelerators as well as an internal object/page fragment cache system that blocked into memcached with failover to filesystem caching using PEAR::Cache_Lite. We needed to modify WordPress to complete such things as send sane, cache-friendly HTTP headers, to disable lots of unnecessary SQL and processing.

I modified Wordpress to operate using MySQL's memory-only NDB cluster storage engine, which meant indicating indexes in many queries (ultimately we elected for any duplicated cluster rather, however). In modifying it to operate with separate servers for admin versus. public access, we locked lower the general public-side version therefore it went with much reduced MySQL rights permitting only reads (another MySQL user got leaving comments rights).

For those who have a significant comment junk e-mail problem (i.e. 10K/hour), then you definitely have to behave beyond plug ins. Junk e-mail will DOS you because WordPress just initializing its core is one thing like half another on the stand alone P4 without any concurrency, and also, since Wordpress is really a code hairball there is no method of doing anything without initializing the core first.

"Wordpress-Cron" is braindead and really should be disabled if you can get a real crontab to do these characteristics. Not difficult to do.

In a nutshell, I possibly could continue forever listing explanations why you might like to make changes.

Throughout this it had been obviously an objective for maintainability good reasons to keep these modifications low and document them as clearly as you possibly can, and that we implemented many as plug ins if this made sense.