Protect Yourself from WordPress 5.0

tl;dr: WordPress site owners should install a protection plugin ASAP, and then wait until January 2019 to update WordPress past version 4.9.8.

Public service announcement for everyone who has a WordPress site: WP 5.0 is going to be released on Dec. 6, 2018.

The new post/page editor in 5.0 completely revolutionizes the way posts and pages are created, but it is also likely to cause problems when editing post/pages that already exist, especially if you have any kind of custom formatting (extra HTML code, CSS, shortcodes, page-builder or landing-page plugins, etc.) on any of your posts/pages.

The good news is that it’s extremely easy to protect your site, without sacrificing security or usability, and upgrade to the new editor on a schedule of your choosing, instead of having that schedule dictated by the timing of a WordPress software release.

Here’s what I recommend:

Step 1: Install and activate a protection plugin immediately.

By “protection plugin” I mean a plugin that blocks the new editor in WP 5.0 from being used, keeping your post/page editor working exactly the way it does right now.

My favorite plugin to do this is called Disable Gutenberg, authored by Jeff Starr (there is another plugin with the same name, which I haven’t used, which is why I’m specifying the author of the one I have used). Gutenberg is the code-name of the new editor, to distinguish it from the current editor which is being called the Classic Editor.

Another plugin that does the same thing is called Classic Editor Addon, by Pieter Bos and Greg Schoppe. When you install this plugin, it will prompt you to also install a plugin simply called Classic Editor, which you should definitely do.

Both of these options can be installed right from your WordPress Dashboard. Make sure to activate the plugin you choose when installation is finished.

The main reason I like Starr’s plugin is that it does the job with one plugin, with no configuration required, while the Classic Editor and Classic Editor Addon need to be combined to get the same result. Really, either way is fine, and there are also other plugins that do the same thing that are probably also fine but I haven’t personally tested them.

That’s it. You are now safe. When WordPress 5.0 comes out, you can go ahead and update, provided you follow standard best practices for a major update, including making a backup first, testing functionality after the update, and keeping an update log. My post on how to update WordPress shows the process, my free guide How to Upgrade Anything is still valid, and my free WordPress Update Checklist is also still valid.

Step 2: After WordPress 5.0 is released, decide when to update.

Normally I’m in favor of updating to the latest release of WordPress fairly soon after it’s released. That’s why I’m in favor of the built-in automatic updater (which, I should note, only updates minor releases, such as 4.9.7 to 4.9.8, so it will NOT update your site from 4.9.8 to 5.0).

In the special-snowflake case of WordPress 5.0, I think it might be better to wait until January 2019 to update, for a few reasons:

  1. We’re in the middle of the holiday season, and you might have less time to debug and troubleshoot. Make time to do this in January after the holidays are over.
  2. WordPress 5.0 isn’t fixing any critical security holes. Its main purpose is to bring the new editor to the world, so if you’re already proactively blocking the new editor, there’s less of a compelling reason to update.
  3. Because of the large number of “open issues” (which means “problems” even if they aren’t technically “bugs”) that still exist in the 5.0 release, it is highly likely that one or two minor updates (such as 5.0.1, possibly even 5.1) will be released in the four to six weeks after 5.0 comes out. You can get all the benefits of these releases, without having to experience the pesky bugs, if you simply delay updating.

I’m not alone in advising website owners to wait to update. The authors of Yoast SEO, one of the most popular and powerful plugins in the world (and a plugin I like and recommend) say that if you can wait until January, you should.

Note that if some kind of critical security vulnerability arises in the next six weeks, it will become important to update WordPress to fix that problem, so it’s better to be safe and install a protection plugin, even if your current plan is to wait until January to do your WordPress updates.

Step 3: Make a plan for migration to the new editor.

In January, after WordPress 5.0 has been out in the real world for awhile and many issues will hopefully have been solved, you can take your time deciding how to migrate to the new editor.

If you have a relatively small number of pages, that plan might simply be to make a backup, then save each of your pages with the new editor, taking the time to rebuild or fix any formatting wonkiness that shows up.

If you have a larger site, you might decide to “freeze” most or all of your preexisting content (blog archives, for instance), which simply means deciding not to edit older posts, and using the new editor for new posts.

You might decide to migrate your pages to the new editor over a longer period of time. With the protection plugins I mention above, this should be possible.

Whatever road you take, the new editor is going to become a permanent part of WordPress, so you will need to learn to use it eventually. And it is extremely powerful, giving website owners control of in-page layout that they never had before.

And all that power and control will still be there in January, when you have time to explore it without the holidays bearing down on you.

So take control of your own update timeline, install a plugin to protect your site, and resume your holiday plans.

And if you’re part of my Peace of Mind Program, rest easy, you’re already protected, and I will handle the 5.0 update for you.