Laser Technik Ltd

Providing Internet services for over a quarter of a century

WordPress (and other software)

We now use WordPress for most of the web sites we build.  More detail of WordPress can be found further down this page. We retain full competence in the underlying technologies (PHP, Javascript, CSS, HTML) and so can also create bespoke code and customise WordPress beyond it’s normal capabilities.

We make extensive use of WordPress plugins and themes  (templates) to keep development costs down. We also supplement your any photos you provide with commercial “stock images”.

Themes speed the design process by providing layouts and  appropriate high quality stock images are usually included in the price.  Similarly the themes may include some plugins (e.g. a theme for photographers will include better photo galleries than any provided by WordPress).  There are free themes but the more feature-rich ones come at a price.

Plugins add functionality not provided by WordPress.  There are free plugins, often “teasers” for a commercial version. We do use free plugins where they are adequate for the need.

Our policy is to purchase lifetime multi user licenses of the themes and plugins we use whenever possible. That means we always have access to an extensive library costing £thousands.  Rather than charge each client for single site licenses we recover our outlay by adding a small share of the cost to each project (unless we are unable to buy an unlimited license).  The theme we use for most tasks would cost $249 for a single-site lifetime license, as a LaserTechnik client that cost is covered by our multi-user lifetime license. 

Most new-build web sites globally are now constructed using an “open source” software product called WordPress for which no charge is applicable.  Major users are encouraged to take out paid support services but this is very seldom necessary for SMEs and micro-businesses.

A web site written in 1995 would still work fine today and would have needed very little ongoing maintenance,  simple changes like phone numbers and text.  Todays web sites built using far more complex products like WordPress are several orders of magnitude more complex and  require frequent change to keep up with the fast rate of change in the underlying technologies. It’s like comparing your old land-line telephone to a current mobile phone. The land line has undergone one significant change in my lifetime: from rotary dial to push-button. I believe many iPhone users replace their phone every 2 years or sooner (possibly at a cost of £1000) .

In order that there are no “surprises” I want to give a little more detail about WordPress in particular but similar issues arise with all comparable software products.  WordPress is supported better than any other software free or commercial.  There is a global community of coders supporting WordPress and problems are often spotted within minutes and fixed within hours.

WordPress relies on a set of underlying open source products. Most websites rely on the same underlying software items.  At time of writing those are Apache (or similar) web server; a Linux (or similar) operating system; the PHP computer language; MySQL (or similar) database software; ECMAscript (a.k.a. Javascript) programming language; CSS.  Although these are effectively “free” they are all subject to ongoing frequent updates.  A web site owner should check for updates and apply them.  This is not difficult and many are automatic or else the need to update is shown in the WordPress control dashboard.

From time to time there are major changes to the core components such as PHP.  These changes can “ripple down” though software elements such that a PHP update may imply a need to update WordPress and that in turn may cause problems with plugins.  These updates are driven by a process of constant improvement but also the continuing battle against malicious “hackers” and updates are sometimes obligatory and urgent.  A web site owner must be alert to any warnings of impending change and should act promptly.  An example: PHP 7.4 delivers significant speed improvements but there are some changes to how it works (such as “a change in the precedence of string concatenation operator”, that probably means nothing to you but represents a worthwhile improvement in the robustness of program code but at the cost of existing code needing checking and possibly updating).

Any update raises the possibility of incompatibilities arising.  This is not a common issue but should it arise technical assistance may be required and there may be an associated cost.

WordPress alone cannot address all possible requirements.  It is commonly enhanced by using commercial add-on products.  Add-ons fall into two main categories:

  • The theme (a template on which the individual web pages are based).
  • Plugins (these provide specific additional features not found in the WordPress core product).

It can also be extended with additional bespoke program code but that can be costly – a competent PHP programmer will charge £50 an hour.  WordPress allows programmers to minimise the risk of conflicts with the core program by keeping such additions in a “child theme”.

There are over 50,000 free plugins and many thousands more commercial examples. While many of the free plugins are useful, their mid to long-term future is arguably less predictable than commercial plugins and best restricted to minor and less critical purposes. Most plugins are written by third parties, anything from a lone-coder to a team.  Many free plugins are limited versions of a better commercial “pro” version, the free version is often quite adequate.

Any plugin, free or commercial, is likely to need updates and these should always be accepted.
There is always a small risk that incompatibilities can arise when any software component has been updated.  Updates to WordPress itself that result in plugins misbehaving are usually promptly addressed, even with free plugins.
Clashes between plugins are another possibility, technical skills may be necessary to resolve these, unfortunately that may mean disabling one of the plugins and, if the function it provides is important, identifying an alternative.

Plugins may come from effectively “unknown” third parties they should be chosen with some care with a preference for those with a large userbase, high user satisfaction rating and a good history of updates.

No plugin can be guaranteed indefinitely, commercial plugins often come with a specified limited support period beyond which most will continue to function for several years as long as no significant conflict arises with the core WordPress, otherwise it is occasionally necessary to pay for an updated version (or find an alternative).

The situation with Themes is similar, there are many perfectly competent free ones, including some provided with the core product.  Many of the commercial alternatives provide vastly more flexibility.  Commercial themes often come with some facilities that would otherwise require third party plugins. Commercial themes vary in license terms and costs range from a few pounds to a few hundred.

It is possible to effectively “freeze” a website, rejecting all updates and upgrades and eliminating the risk of new problems emerging.  This is extremely ill-advised.  There will come a point when a major component requires an essential upgrade and the old version must be withdrawn (most often due to a major security issue).  That can have a ripple effect on other components resulting in a serious remediation project.

Security. WordPress originated as a blogging platform where visitors could comment on items.  This inevitably led to abuse of the system, not just by posting irrelevant material but also as an entry route for malware.  While those security issues have been largely addressed, best advice is to disable any third party update capabilities – which most web designers will do.

Otherwise normal security constraints apply but to be clear:

  • Only grant Admin rights to one person (should it be necessary there is a process to change the access should the designated admin user be unavailable, this will require technical assistance).
  • Only use the Admin account when it is necessary, have a second account with more restricted access rights for routine (content) updates.
  • Use strong passwords at least 12 character including lower and UPPER case, numbers and non-alphanumeric characters 
  • Avoid “obvious” usernames, in particular the one with admin rights must not be called “admin”.
  • Never share login credentials, instead create a separate login and only grant the user the level of access they need.
  • Delete any temporary logins as soon as the user has completed their task.
  • Don’t write down login credentials (instead use a password vault like KeePass, BitWarden or LastPass, these remove the problem of remembering dozens of unique complex login credentials).
  • Don’t re-use the credentials used to log in to any other web site (instead use a password vault).
  • Consider using Two Factor Authentication for maximum security.

Why use WordPress if it comes with some potential problems? The same can be asked of most modern software, even that in safety critical applications such as motor cars and aircraft.  A pure simple HTML web site from 1995 will still operate today and it will be much faster than anything else out there.  However the move from dial-up modem connections to high-speed broadband has rendered speed less of an issue.  At the same time technology has progressed almost beyond recognition.  Internet access from mobile phones with their tiny screens and fast connections has become commonplace and websites need to work well on those and on screens of 5 times the width.  Functional expectations have progressed from simple informational content to interactive applications like ecommerce.  I estimate that were one to try to use hand-coded HTML, PHP, CSS, JavaScript to create web site with comparable capabilities to those of a small WordPress web site costing maybe £1000, the cost of the hand coded site would be well over 100 times as much.

There are alternatives to WordPress such as Joomla but they too have their shortcomings, the market dominance of WordPress (approaching 40%, the nearest competitor takes under 5%) is a strong indicator that it is a sound choice.