WordPress has been a rock among the shifting sands of website building platforms, with a fifteen-year history in the space. While other platforms have come and gone, split into multiple platforms, or struggled to even get noticed, WordPress has been a steady force that nearly one-third of the internet relies on. On December 6th, we saw the release of what is largely considered to be the biggest change to WordPress ever seen. WordPress 5.0 has moved away from the Classic Editor, and implemented the new editor, Gutenberg.

The New WordPress Editor

While the switch to Gutenberg is definitely not the only change with the release of WordPress 5.0, it is the most noticeable and publicized change. Where the Classic Editor functioned much like a word processor, Gutenberg is what is known as a block-based editor. If you want to add a section title, you add a title block. Paragraphs get a block, images are another block—any piece of content that goes into your post or page will have its own block. A change of this magnitude will naturally have a learning curve for anyone who has been using WordPress for years, but this adjustment period is typically short.

Classic Editor
Gutenberg Editor

Moving from the Classic Editor, Gutenberg has a bit of a foreign feel at first, and then begins to feel almost magical. The familiar content box, with the formatting ribbon we’ve seen on nearly every word processor for decades, is suddenly gone. Instead, there is a smaller content box, with only a few formatting options available. The magic starts happening when you begin moving down the page, adding new blocks. Gutenberg intuitively puts you in a block type based on the previous block. If you need a different type of content block, there is a simple block type switcher where you can select the type of content you need in that block. Gutenberg quickly begins to make more sense, and becomes easier to navigate, than the Classic Editor.

Gutenberg Block Switcher

As great as Gutenberg may be, it also isn’t for everyone—yet. If your website uses a theme or plugin that has not been updated to be compatible with Gutenberg yet, you might need to stick with the Classic Editor for a little longer. You might also find yourself looking for some features that are no longer available and will be needed before the features are incorporated into Gutenberg in the coming months. If you are not using an incompatible theme or plugin, and don’t need more than the basic editing options, go right ahead and give Gutenberg a try. There is a Classic Editor plugin that you can install to get the previous WordPress editor back, so if Gutenberg just isn’t for you yet, you can always go back to a familiar editor.

What Does This Mean for My Site Security?

With any change, it is always a good idea to take security into consideration as well. Even if you will not be among the first to use Gutenberg, now is the time to update WordPress to ensure you have the latest security features built in by the WordPress team. As this is a major release, it is also the perfect time to audit your themes and plugins, removing any you no longer need and ensuring everything you keep is updated to the latest version. Even if a move to WordPress 5.0 isn’t right for you, it is important to stay up to date with the latest update for the version you are using on your site. WordPress maintains security updates on many older versions when an issue is discovered.

WordPress has already released its first update for 5.0, with the 5.0.1 security update released on December 13th. This update includes fixes for a range of security issues from unauthorized metadata modification, to multiple cross-site scripting (XSS) vulnerabilities and even one vulnerability that could lead to exposure of email addresses and default passwords. While none of the patched vulnerabilities affected Gutenberg, they did affect the WordPress core, and some plugins. Many of these vulnerabilities did affect WordPress 3.x and 4.x sites as well, so you should make sure to update your site to protect against these vulnerabilities, even if you haven’t made the move to WordPress 5.0 yet.

Some good news for any customers with SiteLock INFINITY, SiteLock has you covered! Our patching services will ensure your site is patched against the latest vulnerabilities, giving you the time you need to complete the upgrade, and ensuring the latest version of WordPress is compatible with your site. For more information on how updates and patching are an important part of your total website security, see our recent posts What Is Malware and How Can It Affect My Website? and What is website security? on the SiteLock blog.

To learn more about Gutenberg, visit WordPress.org.