Skip to main content

Service Level

Fully-managed centralised WordPress service (from May 2025)

All upgrades to WordPress and plugins are provided centrally without the possibility of fixing a given website to a specific WordPress version.

When interventions are not expected to be transparent, eg, downtime is expected or they introduce a service change, they will be announced timely at the Service Status Board.

The following rules apply:

  • Only the plugins and the CERN WordPress Theme included centrally in Service may be used;
  • No plugins enabled by the service can be disabled. In particular, the authentication and authorisation is configured by the Service, and uses CERN SSO and Authorization Service, as well as role configuration via the Application-Portal;

Disclaimer on customisation

It was decided at the Web Governance Board, that the new WordPress service does not allow for customisation. This decision came after an thorough analysis of the Drupal ecosystem and the goals for the new WordPress system.

Ultimately, we could identify that the resource requirements per website are directly correlated with the amount of customisation.

  • Approximately 53% of CERN websites in Drupal feature/d customisations, many of which extensive and poorly documented.
  • We were thus dealing with an inherently complex and challenging ecosystem further strained by the weight of extensive CERN-specific customisation, increasing maintenance and necessary support work.

Moving forward, it is the Web Governance Board desire that the new infrastructure provides an easier upgrade experience, with less technical knowledge required for end users to ensure compatibility with the interventions. This ultimately will allow for better maintenance of websites in the long run, and well as a cohesive approach to CERN's digital identity and reputation.

Everything will be managed centrally, and transparently for end users.

Thus, no customisations (theme, plugins, integrations) are allowed on the central infrastructure, apart from well justified use-cases who plan to actively develop their sites.
For those, an explicit exception must be sought from the Web Governance Board (see https://governance.web.cern.ch/) before initiating development and the website owner(s) must accept that it will be their sole responsibility to ensure compatibility or fix any issues that might arise.

The following rules apply to them:

  • customisations will need to be integrated and managed centrally for better transparency
  • customisation will need to be managed and versioned via a custom theme on CERN Gitlab, giving the Infrastructure and Web team admin access
  • all exceptions granted need commitment of human power to maintain codebase of customisations through out the website life; and to coordinate and ensure timely updates and upgrades
  • customisations are the sole responsibility of website owners
  • website owners will need to be available to react and respond to any security incidents; at the cost of the website being put offline at any moment

WordPress Lite/ Self-service

A self-managed WordPress service is provided by the IT department to help CERN users quickly provisioning their own dedicated WordPress instances in central web servers. The IT department provides the infrastructure and a WordPress operator with support for SSO, but users are in charge of administering and maintaining their instance.

Warning

No expertise is provided for WordPress configuration or development, and support is limited to the infrastructure.

For new releases, IT deploys the latest image from upstream with a semi-automated process. Versions of WordPress are centrally managed, so users should expect upgrades from time to time, with no action from their side. Note that, although we offer such possibility, it is unsupported to have WordPress instances frozen on a specific version.

The operator provisions by default CERN SSO authentication and provides instructions about how to configure access control with grappa groups.

The operator is maintained by the CERN community with best-effort support.

Disclaimer: Service level

The current offering of WordPress (self-managed) does not have the same level of support, performance, or scalability as other website solutions at CERN, which are centrally managed such as Drupal, WebEOS or GitLab Pages. For websites which require good performance or high availability please use one of the alternatives available.

Users are encouraged to get in touch to transition their websites to the central infrastructure.