Long Term WordPress Planning?

Sadly if you want to use a CMS you will need to update them. Even a vanilla Wordpress or Joomla! install will require periodic updates.

For reference, Joomla! 1.5.26 remains stable and secure ... you would have been fine with the latest version of that branch assuming your extensions are also up to date.

You could outsource the updating, but otherwise it is a case of keeping in the loop and applying updates I'm afraid!

Ruth

its so sad ..... avoid extra plugin or too much dependent on plugins . and keep up to date your wp versioin. wp is more secure than joomla.
wp for long term is a good idea . wp is easy to handle , modify,backup.

^^ the above post while "linguistically challenged" a bit it has one of the most important answers: the over-use of plugins is more likely to create vulnerabilities than the occasional late upgrade.

However, as always, the issue is not as clear-cut as we like them to be.
There were major WP releases (major is e.g. v9 or 9.4; minor would be v8.3.5) that had a security holes right from the moment of being released.
On the other hand some minor releases - they are, usually, bugfixes - were so stable and secure that I was very reluctant to upgrade to the next major version until they ironed out all the bugs...

What I am trying to say:
- mechanical, blind upgrade to every "new" (shiny?) version is NOT always good!
- wait until the next minor release, when the bugs are fixed (based on users' feedback) and do the upgrade then
- use the minimal number of plugins: the majority of plugin coders are morons and/or enthusiastic do-gooders - do NOT trust them!

I do have WP sites (don't know enough about Joomla to have an opinion) since 2004 and 2005 running even today, never hacked. Which might be luck, I admit. I am a "slow upgrader" - meaning always a few small steps behind the dernier cri. Plugin minimalist: only from trusted sources and exclusively when there is no other solution for that feature. Themes either done by myself or by the best trusted designers/coders.

And yes, hosts do that: with another, by now defunct CMS, they also told me to take the site off and when I wasn't fast enough... they did.

Any time Joomla! release an update which has the words 'security release' in them, you need to update immediately. Nowadays, incremental updates (e.g. 2.5.8 to 2.5.9) are done at the click of a button (literally) and they do not change anything by way of the templates or anything like that.

Anything involving a different first number, e.g. 1.5 to 2.5, 2.5 to 3.0, generally needs a bit more by way of planning to ensure that you know what you're doing, as often there are larger changes involved. For more information please check out: Understanding the Joomla release cycle,

Wordpress have their own release cycle which is here WordPress › About » Roadmap.

Of course you should still take a backup and test the backup before doing any updates, just to be sure.

Saying Wordpress is more secure than Joomla! without any data to back that up is completely unhelpful - on what basis are you making that statement, the number of zero day vulnerabilities or the number of security updates that have been released? In relation to the number of sites that use the CMS, or just the numbers? The number of insecure extensions, or the number of sites that you yourself have had compromised? Or maybe something someone once told you?

If you're going to make such bold sweeping statements, back them up with facts please

Ruth

I think you can partner with some well reputed freelancer or with a company who will take care of your website.