Wordpress 3.5 upgrade to 4.0. Theme compatibility

Question

I got in charge of some small sites that are running on WP 3.5; they are all using the same theme (a customized version of Bones). I have only used Joomla some years ago so I have no idea if, after the upgrade, the theme will still be compatible. I want to upgrade my WP version because the current one is vulnerable: I keep getting spam links into my articles that are placed inside hidden divs. How can I know if the template is compatible or how can I fix the security issue. Any of these will do great.

Thanks!

Answer 1

WordPress does a very good job of changing very little with regards to theme tags in a core update. That said, we have no idea how your theme(s) have been made, or what functions they use.

The best, and probably only realistic option here, is to create a test site (a duplicate) and update that site first, then test to make sure all is working as it should.

As for the vulnerability, this is likely due to an insecure admin password or an insecure plugin. You should ensure all your plugins are up to date and that your admin panel is suitably secure .

Answer 2

When you update wordpress, it will not affect the wp-content folder which is having themes and plugins. So, don't worry update it. But for the secure updation, please take the backup of whole website first. Take backup of database and all files before doing any update.

Answer 3

Try to install the site on your PC creating a local copy using XAMP (for Windows). In this way, you can:

• download the MySQL database to have all the information of the website locally;
• install the latest wordpress platform locally (on your PC);
• test the website thorugh common browsers.

At the end, you'll be sure about the compatibility and you can update the main site.

I have built my own theme with the Artisteer software; then i modified many PHP file to manage the loop in some special ways; so, to be sure that everything is working after an update of the site Wordpress version, i test everything on my PC.

For the vulnerability, please verify your plugin and all your theme file. In some experiences, there are some plugin or simply some codes place somewhere in your theme which can create something like this:

> <div id="headerblock"> <center> <div style="left: -2227px; position:
> absolute; top: -3337px">

The only thing to do is check all the theme file and plugin to see where this code is placed. Please check here for more information.

If you only change your password, probably it will not solve you problem because the malicious code is already inside your system.

Sometimes the malicious code can be placed directly inside the MySQL database.

Answer 4

WP 4 hasn't been out that long. I'd hold off on the upgrade unless you absolutely have to, until you know that all of the plugins used on the sites are compatible w/ WP 4.