The service is built on the wpengine hosting platform (https://wpengine.com/), and details of the service offering can be found on the IT website. The Basic service offering is for a site within a WordPress Network (or Multisite installation), and the Custom service offering is in its own standalone WordPress installation.
The version of WordPress which this service uses is the latest stable version available from wordpress.org – we endeavour to keep the version of the software current at all times. The hosting company regularly patch any older versions of the core software or plugins as detailed here:
If a theme or plugin depends on parts of the WordPress API which have been deprecated or removed in the latest stable version, they may cease to operate correctly when these patches are applied.
The WordPress Coding Standards should be followed in all custom development work:
Any development for the platform must be carried out using the git distributed version control system (https://git-scm.com/), and access to any repositories provided to the University of Leeds. Details of how this is managed for the University theme are available here.
Where possible, the maintenance of any software developed for the platform should be carried out using the Github Updater plugin which is used to update all plugins and themes developed by the University of Leeds development team.
Storing data, either in theme options or in plugins, should be carried out using the various WordPress APIs wherever possible:
If additional database tables are required by a plugin or theme, there is guidance in the WordPress Codex:
This must be followed to allow for the correct application of any updates, and the correct function of any activation and deactivation routines. Deactivation or deletion of a plugin or theme which adds tables to the WordPress database should always result in the additional tables being dropped. Additional tables must also be prefixed correctly so they are specific to a site within a multisite network (and not global for the whole network).
All sites hosted in this service require a fully qualified domain name. Sites where the University is the main partner must normally use a leeds.ac.uk subdomain and must use the University WordPress theme. Other sites must use an external domain name which must be acquired through IT and must not use Leeds branding. All websites must comply fully with all relevant sections of the website regulations and in particular must have a valid privacy notice written specifically for the site.
Custom Theme and Plugin Development
All themes should ensure that the code they generate is valid HTML, and that the accessibility of the theme confirms to Web Content Accessibility Guidelines (Level AA) where appropriate.
Themes should employ a responsive design methodology to ensure the site works well on all target devices, and use progressive enhancement in any scripting to emphasise accessibility. Themes should support the latest 3 versions of all major browsers, including partial support for Internet Explorer version 8 (content should be accessible using this browser, although some enhanced features may not be present).
Most of the sites in the service run on a platform which provides PHP version 5.6. Care should be taken by theme and plugin developers not to use language features which require PHP 7 or greater.
Themes and Plugins which are downloaded and used from the repositories at wordpress.org are always updated as soon as the new versions become available. Care should be taken to minimise the risk of any unexpected behaviour as a result of an update, especially if the theme is being developed as a child theme of a freely available theme, or if the theme relies on the behaviour of a freely available plugin.
If a “premium” theme is used for a site, or a custom theme commissioned from an external supplier, any details of the contract with the theme supplier must be supplied so updates can be applied to the theme as they become available.
It is not acceptable to use a mechanism to prevent themes or plugins from being automatically updated, as this could leave the site vulnerable to attack from any subsequently discovered security flaws.
If a theme is dependent on a set of Plugins to enable its operation, the full list of dependencies must be cited prior to any development work taking place. As the update policy for Plugins from the WordPress plugin repository is the same as that for themes (i.e. all plugin updates will be applied as soon as they are released), care should be taken to minimise the possibility that any future updates will negatively impact on the functionality of the site. Any support contract for custom theme development should also ensure that the theme will still operate as planned when these updates to plugins are applied.
Sites in the service can utilise any freely available plugins in the WordPress Plugin directory on condition that:
- They are not disallowed by the platform (see https://wpengine.co.uk/support/disallowed-plugins/)
- They are maintained (i.e. have been updated recently and are compatible with the latest version of WordPress)
If a plugin you wish to use is not present in a WordPress Network environment, please contact us so we can test the plugin and make sure it works within this installation. Some plugins may be incompatible with others which are already in use on other sites in the installation.