This document relates to the Service "kundenspezifisches Blog Hosting" (see SLA here) and defines tasks and responsibilities for WordPress based blogs hosted by ETH IT Services.
Overview: Updates and Maintenance responsibilities
responsibility:
ETHZ IT Services
customer
WordPress Core
Plugins (preinstalled)
Plugins (custom)
Themes (preinstalled)
Themes (custom)
custom code
Details: Updates and Maintenance
to ensure latest security and feature updates for WordPress Core, we set the following two variables to have auto updates.
please do not disable or interfere with these Plugins.
All Other Plugins (installed by customer) must be updated and maintained by the customer. We recommend enabling auto updates. ETH IT Services reserves the right to update outdated Plugins without further notice.
Go to your dashboard > Plugins > Enable auto-updates
You can get an overview of outdated components in WPMU Defender Pro Dashboard.
ETH IT Services installs and maintains the default WordPress themes ("Twenty Twenty", "Twenty Twenty-One", "Twenty Twenty-Two")
All customer-specific themes must be updated by the customer.
ETH IT Services reserves the right to update outdated themes without further notice.
SSH Access
your blog is accessible by SSH key authentication. Publickeys are stored in .ssh/authorized_keys. We highly recommend using comment fields in your publickey to associate keys to specific users. The authorized_keys files is owned and managed by the customer.
User Registration
if you decide to configuire anonymous user registration, you are fully responsible to implement additional verification methods (captcha, 2FA, ..). Public Anonymous user registration will cause your site being part of spam/botnets and therefore be taken offline.