I am wondering what else we can do to improve the blog problems.
>
> 1. Upgrade from WordPress 3.6 to 3.8
>
You should *always* upgrade WordPress to the latest version every time a
new version is released. It should be a top priority to upgrade
immediately. Otherwise the WordPress installation will get hacked. And I do
mean *will*, not might. It eventually happens to every WP install ever.
Applying upgrades will prevent problems. And backing up the database
continually, and keeping an archive of backups for at least six to twelve
months, maybe more, is also key to not loosing the content. I've built
many, many WP sites, and had to revived hacked sites many, many times (for
clients who didn't keep the software updated).
This is what happens — Automattic finds a security flaw and fixes it.
Hackers read the new code, and write bots to exploit the newly-closed hole.
Their bots crawl the internet looking for any sites that have not upgraded
yet and infect WP databases with malicious javascript. For a while your
site sits there fine, nothing wrong, while the malicious code hibernates —
usually for months. Then, eventually the malicious code is activated. It
usually spreads hidden links, pages and ads all throughout the site — to
produce results for blackhat SEO companies. You can't just restore a
database from last week or last month. Usually you have to go back to a
database from 6 months or a year ago to have clean data. Or manually search
the database for the hundreds of instances of spam scripts. It's a real
pain.
Don't ever run WordPress two versions back. Upgrade immediately. Especially
on a host that's doing little to block these kinds of hackers.
Which also means don't fork WordPress or create any kind of fragile custom
code that might prevent an easy, clean upgrades. Or use Plugins that are
not well maintained. You'll need to be able to upgrade every time,
immediately, without hassle.
Jen