So, you’ve chosen WordPress as the CMS for your business’ website or blog, beating out other systems like Drupal and Joomla. You may now be considering which version of WordPress is the best? Well, the easy answer is the latest stable release, which can always be found at https://wordpress.org/download/. The latest versions of your server’s operating system, WordPress, and the software it runs on should be used whenever feasible to keep you as safe as possible from vulnerabilities, but there are some additional considerations you should be aware of – or perhaps you’re at the mercy of – before you install.
Does your target WordPress hosting environment meet the system requirements? If for some reason your deployment environment is not up-to-date with the latest PHP and database versions, the bleeding edge of WordPress may not function on your system. As of this writing, WordPress 4.6 is the latest stable release and PHP 5.6+ and MySQL 5.6+ (or, MariaDB 10+ is now also supported) is recommended, though it will function with PHP 5.2.4+ and MySQL 5.0+. The WordPress download site does mention the caveat that you are potentially opening yourself up to attack with these previous versions.
Forward-thinking system administrators and hosting services will likely be utilizing PHP 7.0+ very soon, if not already, and, in fact, the WordPress team plans to make this a requirement in mid-2017 as PHP 5.6 active development ceases in December 2016 (though security updates will be applied through most of 2017). If you must run an earlier version of WordPress, be aware of the risks you are taking — your site could become the target of hackers. All previous WordPress releases may be found at https://wordpress.org/download/release-archive/ if you accept the risks involved. Also note that it will be difficult to find support or assistance if you run into issues with previous releases, as, generally, support forum users will assume you are running the latest version.
This feature is included in the WordPress package by default since version 3.0, and you’ll want to consider the possibility of enabling it before you install. Multisite was created for the WordPress.com blogging platform (which hosts millions of blogs), and it allows you (or your WordPress users, if you so choose) to create a network of multiple websites or blogs, rather than just a single WordPress site — all of which can be administered in a single control panel and share the same WordPress core installation. If you plan to run multiple sites and would prefer the ease of maintaining and updating only one WordPress core, consider enabling this feature ahead of your installation. It’s relatively straightforward to enable Multisite, just by adding a line to your wp-config.php file and configuring it in the control panel thereafter.
Why the Latest Version
As I’ve already mentioned, the latest version of WordPress will include security updates to remedy vulnerabilities in the code. As you know, WordPress is open source software and its entire codebase is available for public perusal, which means it’s also scoured by hackers. While this sounds scary and it does open up the potential for vulnerabilities to be discovered, it, in fact, makes the code overall more secure, as it’s been scrutinized by untold numbers of people and as a result, is hardened through this process.
New Features, Bug Fixes, and Performance
The latest release will also come with exciting new features that may improve your experience and, in addition to the previously mentioned security updates, a slew of general bug fixes and performance increases will be included as well. See an example of these improvements in the release notes from WordPress 4.6 at https://codex.wordress.org/Version_4.6.
When Not to Upgrade
Poorly-designed or seldom-updated plugins can sometimes cause us grief or misbehave after a WordPress version upgrade, or, in some cases, cease to function at all. Savvy plugin developers will be ahead of the curve on this and have their code functioning in developer builds before stable releases are sent out for an upgrade (hopefully taking advantage of any new improvements in the WordPress core as well). If you utilize more than a few plugins and have concerns over your site becoming unusable or unstable after an update, you may wish to disable automatic updates. If you do, I recommend enabling email notification of updates, so you are still made aware when new versions are released and can plan accordingly.
Ideally, you should be making backups of your WordPress site and database on a regular basis, but take care to do a fresh backup ahead of performing an update. This way, the site can easily be reverted to its previous state should something go wrong with the installation or if your plugins should fail to work afterward.
Latest is Greatest
The security of your site, your users, and their information is the greatest concern in choosing a WordPress version for your business website, and for this reason, the latest stable release is almost always recommended. If you must install a previous version due to constraints in your production environment, be aware of the risks involved. If the thought of keeping your WordPress installation up-to-date and free of errors sounds daunting, or too much of a hassle, consider evaluating managed WordPress hosting services, which will keep the back end of your site maintained for you so you can focus on your users, front end appearance, and content of your site.