Mobilegeddon WordPress Learnings

wordpressAbout a month ago I wrote about Mobilegeddon.  Changes coming April 21 2015 will result in mobile friendly sites being promoted more, by Google, when searches are from mobile devices.

At first I wasn’t going to do much about it. This site is ten years old and ran a ten year old version of WordPress, patched in places and some unused remote access functionality disabled as I had learnt of vulnerabilities. It used plugins, particularly one for ‘related links’ that I knew wouldn’t work with new version of WordPress. The heavily modified template would also have to be changed to a more modern mobile-responsive template. It all seemed like too much effort for something that isn’t my core work.

More recently I had some spare time so created a copied, separate site to try and attempt the upgrade to see how difficult it would really be. You can’t just upgrade from 1.5 to 4.1.1 and instead you have to upgrade the database in stages, each time for a few WordPress releases at a time. It took some time but was more straightforward than I expected. I ended up dropping the related links plugin I was using and started using a more recent one that dynamically creates the related links rather than me having to select fixed ones for each post. This also now has the advantage that old post’s related links now change, with time, as newer related posts are created. I have also been able to add the latest SEO plugins.

I am pleased with the result. It’s much easier to author posts now. Interestingly, Google is now indexing the whole of this site rather than less than half of the site previously. Presumably, the new template (or SEO plugin) is more Google bot friendly. The site is also now responsive and passes the Google mobile friendly tests. It took a lot less effort than I anticipated and if you are in a similar dilemma as to whether to upgrade I’d recommend you do so.


One affect I wasn’t expecting has been the huge increase in number of brute force attacks on the admin login page. I noticed this when I saw the WordPress login page getting of a factor of 100 more hits than all (the thousands of) pages on the rest of the site. There are many attackers, every hour, repeatedly trying to access the admin page. I can only think that going from WordPress 1.5 to 4.1.1 the site now looks more like a typical WordPress site than it did! I have since strengthened the login password and have added a lockout plugin that works after 4 failed attempts.

We will have to wait until the 21st April to see if the changes will have any affect on traffic.