Clients regularly come to the IC because their existing websites can't be upgraded anymore. The sites were built in Drupal or Wordpress from a few internets ago, and for some reason the automatic upgrades to the latest version won't work, meaning the site is stuck in limbo. Worse, those old versions are now insecure, and have either already been compromised by malware, or are at risk of being compromised any day now. The same clients also notice the speed of website development slowing, and costs going up. So what's going on?
Like a garden, a website is never ‘finished’…
Rather than a project that can be completed like a bridge, think of a website as more like a garden. Like a garden, a website grows, changes and needs regular care.
Many people have gardens for their own enjoyment, but our clients have gardens that they want the public to visit. The gardens need to hold up well next to competitor gardens, keeping pace with trends and doing what the public expects gardens to do for a long time.
It's a mistake to think that such a garden will ever be 'finished'.
On top of being a good space for visitors, a garden should be designed to make it easy to get rid of weeds, and to be secure, so that vandals can't get in and cause damage. If there's a natural disaster, we have to be able to recreate the garden quickly.
(OK, maybe we're over-stretching the metaphor…)
All software suffers from
bit rot, and yet many websites are built on the assumption that once complete, very little will change or need to be upgraded. As the owner of a website, it's wise to plan for the site to change, and for the environment the site is in to change too.
But that's not how it's typically done…
The assumption that nothing will ever change is seen in a lot of traditional fixed-price, fixed-scope web agency work. The brief defines the deliverable. The agency delivers to the brief. There’s no real maintenance budget because the assumption is: once finished, the site will never need to change.
Especially with a fixed-price project, it's tempting to take an off-the-shelf content management system like Wordpress or Drupal and install plugins that exhibit the necessary features. Then you just have to change a bunch of code to tie everything together and to suppress the stuff that doesn't fit, and voila! As long as time and technology stand still, you’ve got yourself a perfect site.
There are problems though…
- Since all the plugins are designed for specific versions of Wordpress or Drupal, each plugin can't change too much, unless they all change.
- In theory, one could wait until everything has been upgraded before upgrading anything, but then you'd have to re-write any custom code.
- And while you're waiting for that, you're missing out on new features and leaving security holes open.
At this point, it's cheaper and quicker to start over.
For agencies whose motive is quick delivery and fast profit, this "sticky tape and string" approach easily becomes the preferred approach, but it's not sustainable. It sets up clients to have to throw everything out and start over even more expensively in a couple of years.
That's not an investment. It's just throwing money away.
So how do you build a garden?
To get the best garden, you need the right gardener, planting appropriate plants using good tools. Here are some things to look for:
Choose a web agency who can show you long-standing clients using long-standing websites
We’re talking at least five years. Ask what features they've recently added and when that client's CMS was last upgraded. The answer won’t be conclusive, but it'll be a sign that the agency has the know-how to build software that resists bit rot.
Look for contributions from the development team to open-source software
Not just the agency's own software, but software owned by other people. It's a sign that those developers know how to write high-quality code that can be used in many ways by many people, and that they care about the community that they rely on. The more people using and contributing to the same software you use, the more sustainable it is.
Ask how they keep track of software dependencies and how upgrades and modifications are managed
Explaining the different approaches to dependency management is beyond the scope of this article, but you're looking for a multi-paragraph answer using nerdy language like "version specification", "requirements", "upstream", "vendor/3rd party", "automated", "test coverage", "backwards compatibility", "long-term support", "every layer of the stack", and above all "documented".
Set aside budget for upgrades and maintenance
We suggest a minimum of 15% of your initial outlay per year; more if you're anticipating building new features.
If you’re feeling overwhelmed by any of these tips, we can help provide a technical assessment of any agency or technology you may be considering.
Or you could just hire us! 😉