WordPress is getting quite a black eye of recent with its security issues. I’ll add another issue.
As I was reviewing my site in Webmasters this weekend, I discovered something startling… a series of 404 Page Not Found errors all ending in comment-page-1. After doing some homework, I found that this was a paging mechanism that WordPress initiated with version 2.7.
Some SEO folks were upset because of the duplicate content it produced. Nevermind that the same content is available by archive, by author, by tag, by category, by year, by year and month, by year month and date… folks WordPress is a duplicate content monster!
Quit worrying about duplicate content!
Every CMS has duplicate content and Google has ways of filtering for it. I do utilize the canonical URL plugin, though! I want each post to get the backlink credit it deserves.
A bigger issue with this is the not found errors it’s generated for my site, over 75 pages… most of which are my most popular posts! I can’t figure out for sure why the pages are not found – it could be that I’m running IntenseDebate (you know… that app that the folks at Automattic bought? Same guys that manage WordPress development!). Paying attention to other blogs and support cases, I disabled the comment pagination (turned on by default).
Next was repairing the bigger issue – folks were landing on my site and getting Page Not Found errors. I began to go down the road of registering all the 301 redirects using this fantastic redirection plugin… but then I got to thinking. The redirects are all the same = removing comment-page-# off the end of the URL.
RewriteRule ^(.*)/comment-page-(.*)/ $1/ [R=301,L]
Now – I’m no .htaccess mod-rewrite master, but I think I’ve got the right method. I’m simply stripping any URL ending in comment-page- and a number off the end of the URLs. I just need to remember not to name any of my posts or pages Comment Page.
I love WordPress, it’s an incredible platform for geeks like me. However, issues like this continue to crop up more and more as the application gets more complex and they try to keep squeezing in more features. Businesses can not afford to have a platform that has security holes or needs to be maintained with this level of detail.
When I ask businesses why they go with open source applications like this, the decision is usually a combination of the popularity of the platform as well as the price. Businesses think free when they look at an application like this. It’s not free. Many businesses are scrambling to patch these security issues, upgrade their instances of the platform, remove or redevelop plugins… wouldn’t it be so much nicer if they could just focus on blogging?
It’s why I recommend blogging with platforms like Compendium Blogware and have an agency contract to support my own clients on the platform. My clients don’t have to worry about patching up security holes or maintaining their platform – they just work on getting inbound leads with a great search-targeted enterprise blogging platform.