We previously addressed the fact that there isn’t exactly a WordPress Enterprise edition. However, you will regularly see people talking about “WordPress for Enterprise”. What does this mean? How does this differ from “WordPress for bloggers”?
In this post, we’ll look at how you would approach extending WordPress for an enterprise site.
A Different Approach to How WordPress is Extended
When using WordPress to develop your website, the core software can be extended in two ways:
- Via plugins
- Via your active theme
This extension of capabilities is the same for both blogs and large enterprise websites. However, there is a key difference when approaching extension for enterprise websites – the intentionality of the extension.
Intentional, Custom Development
It would be a gross misuse of resources to custom-develop every feature built for an enterprise website on WordPress. However, custom development is far more common for enterprise-level websites.
For these sites, we don’t want to piece together a feature that is “kinda what you need” using a variety of different plugins. We want to build exactly what you need in the cleanest way possible. This greatly reduces the potential points of failure for the ongoing maintenance of your site and means running your site is much more enjoyable.
Custom Development Security
When doing custom development, there should always be an intentional review for security best practices. For example, when developing any sort of user interaction, a careful review of every action should consider:
- Capability – Does the user have permission to perform this action?
- Intentionality – Is the user intending to perform this action?
- Validation / Sanitization – Am I getting the type of content that I’m expecting?
- Escaping – Is the content I’m outputting safe to display?
Tip: There are some great engineering standards that I’ll commonly reference when building out features for client projects.
Careful Vetting of Plugins
There will also be free, open-sourced plugins (there are almost 50k free plugins!) as well as premium plugins used on an enterprise website. For a typical WordPress website, this can be a pretty haphazard process. Search for the feature you want and install the plugin!
But, for enterprise websites, the plugins used will be carefully vetted. Among other factors, a few key things need to be considered:
- Popularity of the plugin (e.g. how many times has it been downloaded)
- Reputation of the plugin (what does a Google search reveal)
- Reputation of the plugin developer
- Update history of the plugin (how often and when was the last update)
- User review history of the plugin
- Plugin support history (take a look at the support tab threads – is the developer responsive? Are there many problems?)
The goal is to have all code that extends the default WordPress functionality on your site to be secure and performant. This is a crucial foundation to have set when we start to factor in the considerations needed for hosting and maintaining WordPress for Enterprise.
Sign up for the LimeCuda Zest to learn more about…
Leave a Reply