Temptations of Open Source Software
When you have a website built with WordPress, it’s tempting to mess with the WordPress core code when you need to customize functionality. It seems like the easiest, most straightforward way to end up with the exact behavior you want. But we don’t think you should, and here’s why:
Dangerous Changes
Sometimes the safest distance between two points isn’t a straight line. Similarly, diving into the WordPress core code isn’t the safest way to customize its functionality. Make changes and you risk the following:
- New security vulnerabilities. Future WordPress updates won’t fix any security holes introduced by your changes. Worse, because no one else has your changes, no one else has your vulnerability. If a hacker probes your site and finds it, you’re on your own to discover and cope with any hacking attempt.
- Difficulty in deploying future upgrades. If you make your own changes to the WordPress core code, you’ll lose those changes if you upgrade your site to a newer version of WordPress. When the core code changes, the changes you made might not work anymore, so you might need to redevelop your hack; it might not work at all and you might lose your change for good.
- You may break something else. Unless you’re very familiar with the code, it’s hard to be certain that the changes you make won’t break another part of WordPress. You need to do complete testing before deploying your changes to make sure everything else still works.
Alternatives to Modifying WordPress Core Code
Those reasons don’t mean you shouldn’t make changes to WordPress; they just mean you should find an alternative to modifying the WordPress core code. Fortunately, you don’t have to look far to find ways to do this.
Plug-ins are the standard approach to making user extensions to WordPress functionality. If the functionality you are adding is valuable, creating it as a plug-in lets you share it with other WordPress users easily.
Another alternative is to create a patch to the core instead of modifying the core code directly. You can even reach out to WordPress and if your change is valuable, it can be integrated into the official WordPress codebase.
Contributing to Core Code
There are rare scenarios where changes have to be made in WordPress core because the changes just can’t work as a plugin or a patch. If there’s no other way to implement the fix you need and you clearly understand the implications (e.g., unable to install software updates and upgrades) and you have sufficient personnel or resources, then maybe it’s the right business decision. However, I’ve found that most SMBs don’t usually fall into this category.
If you’ve got the coding chops to consider modifying WordPress core code, then I highly recommend becoming part of the community. Ask other coders on how they’ve solved the same or similar challenges. The forums and committees provide a wealth of information just for the asking. Who knows… your idea could become a component of the next software release.
Is there a functionality you couldn’t add to your WordPress website with a plugin?
photo credit – top: Christiaan Colen
photo credit – body: OpenSource.com
Signs of a Grey Hat SEO Agency