WordPress Security PSA

WordPress PSA: 3.1 Ruined My SEO – 3.1.1 Fixed It

by Ben Cook on April 5, 2011

WordPress 3.1.1 has been released and addresses three security issues, and one major SEO issue.

According to the official announcement, “the first [of the three security fixes] hardens CSRF prevention in the media uploader. The second avoids a PHP crash in certain environments when handling devilishly devised links in comments, and the third addresses an XSS flaw.”

Another aspect of the update that seems to be getting very little press thus far is a fix for the handling of category & tag URLS.

I actually encountered this problem one of my own sites after noticing a dramatic drop in search engine traffic. I finally tracked the issue down to my category and tag pages and only last night discovered the URLS had all been changed! After eliminating all plugin interactions as a possible cause, some quick searching turned up a few other people experiencing the same issue.

Apparently when using permalinks (as everyone should) the structure of the URL was being stripped out of category and tag pages for “a handful of people, MOSTLY on IIS” (I’m not on IIS so I guess I was one of the lucky ones). As far as the search engines were concerned, when updating to 3.1 I had effectively removed dozens of pages that ranked well that now served up 404 errors. Needless to say, this had a HUGELY negative impact on my search engine rankings.

Unfortunately, all of the advice I found for fixing the issue focused on changing the URL structure, not making the URLs which had previously been ranking work. I finally gave up trying to find a real “fix” and simply redirected the URLs that had magically disappeared, so the search engines could at least find the new ones. Naturally, I was greeted this morning by the news of the 3.1.1 update which thankfully fixed the issue.

There’s no doubt that I should have paid more attention to my site, it’s rankings, and the search engine traffic I was receiving (I mean it’s my job for crying out loud). However, issues like this one, are exactly why many people are loath to update their WordPress installations. While WordPress has made tremendous strides in making updates easier to implement, there’s still the risk of things breaking your site, even in a way that’s not readily apparent right away.

{ 7 comments… read them below or add one }

Previous post:

Next post: