Changes for page Why You Should Upgrade XWiki Regularly for Security and Stability

Last modified by Agnease on 2026/05/26 10:58

Manage
- Copy
Actions
- Export
- Print Preview
Viewers
- Source
- Siblings
- Content
- Comments
- Attachments
- History
- Information
- Likes

From 1.5 to 1.4

From version 1.4

edited by Agnease
on 2026/05/12 14:47

Change comment: There is no comment for this version

To version 1.1

edited by Agnease
on 2026/05/01 11:42

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

@@ -1,293 +1,121 @@
--{{velocity}}
--#set ($discard = $xwiki.ssx.use('PublicWebSite.WebHome'))
--{{html clean="false"}}
++= Why Upgrade Your XWiki Instance to the Latest LTS Version? =
--  ## PAGE HEADER
--  <section class="hero hero-centered service-hero" aria-labelledby="hero-title">
--    <div class="container hero-inner">
--      <div class="hero-kicker">
--        <i class="fa fa-refresh" aria-hidden="true"></i>
--        XWiki upgrade guidance
--      </div>
++Your XWiki instance may be working well today, but if it is running an older version, it may already be missing important security fixes, stability improvements, compatibility updates, and platform enhancements.
--      <h1 id="hero-title">Why upgrading your XWiki instance should be a regular priority</h1>
++Keeping XWiki aligned with the latest Long Term Support (LTS) version is not only a maintenance task. It is a practical way to reduce operational risk and keep your knowledge platform secure, reliable, and ready for future needs.
--      <p class="lead">
--        A working XWiki instance can still become outdated, harder to maintain and exposed to avoidable risks
--        when upgrades are postponed for too long.
--      </p>
++{{toc/}}
--      <p class="hero-support">
--        Regular upgrades help keep XWiki secure, stable, compatible and easier to evolve, especially when the platform
--        is used for internal knowledge, documentation, procedures, workflows or business-critical collaboration.
--      </p>
++== Why regular XWiki upgrades matter ==
--      <div class="hero-actions">
--        <a class="btn btn-primary" href="$xwiki.getURL('services.xwiki-upgrades')">View upgrade services</a>
--        <a class="btn btn-secondary" href="#upgrade-tips">Read upgrade tips</a>
--      </div>
--    </div>
--  </section>
++XWiki is actively maintained. With each release cycle, the platform receives bug fixes, security fixes, usability improvements, performance enhancements, and compatibility updates.
--  ## WHY IT MATTERS
--  <section aria-labelledby="why-title">
--    <div class="container">
--      <h2 id="why-title">“It still works” is not the same as “it is safe to keep unchanged”</h2>
++When an instance remains on an older version for too long, the upgrade gap becomes larger. This can make future upgrades more complex, increase the risk of incompatibilities, and leave the platform exposed to issues that have already been fixed in newer versions.
--      <p class="section-intro">
--        Many XWiki instances continue to run for years with only small visible problems. That can create the impression
--        that upgrades are optional. In practice, the longer an instance stays behind, the more risk accumulates around
--        security fixes, extension compatibility, infrastructure changes, custom code and future upgrade effort.
--      </p>
++A regular upgrade strategy helps keep your platform predictable and easier to maintain.
--      <div class="pathways">
--        <article class="pathway-card">
--          <div class="pathway-icon">
--            <i class="fa fa-shield" aria-hidden="true"></i>
--          </div>
--          <h3>Security fixes accumulate</h3>
--          <p>
--            Older versions may miss security-related fixes and improvements that are already available in newer releases.
--          </p>
--          <ul>
--            <li>Known issues may already be fixed upstream</li>
--            <li>Public information about vulnerabilities increases risk over time</li>
--            <li>Security updates are easier to handle when upgrades are regular</li>
--          </ul>
--        </article>
++== Security should be a priority ==
--        <article class="pathway-card">
--          <div class="pathway-icon">
--            <i class="fa fa-puzzle-piece" aria-hidden="true"></i>
--          </div>
--          <h3>Compatibility becomes harder</h3>
--          <p>
--            Extensions, custom applications, authentication integrations and infrastructure components evolve together.
--          </p>
--          <ul>
--            <li>Extensions may require newer XWiki versions</li>
--            <li>Java, Tomcat and database requirements can change</li>
--            <li>Large version jumps are harder to validate</li>
--          </ul>
--        </article>
++Older XWiki versions may be affected by security vulnerabilities that have already been corrected in later releases.
--        <article class="pathway-card">
--          <div class="pathway-icon">
--            <i class="fa fa-line-chart" aria-hidden="true"></i>
--          </div>
--          <h3>Maintenance cost increases</h3>
--          <p>
--            The longer upgrades are postponed, the more difficult it becomes to understand what changed and what may break.
--          </p>
--          <ul>
--            <li>More release notes to review</li>
--            <li>More compatibility checks to perform</li>
--            <li>More risk around custom code and old assumptions</li>
--          </ul>
--        </article>
--      </div>
--    </div>
--  </section>
++Once security advisories and fixes become public, attackers can analyze the disclosed information and use it to target systems that are still running vulnerable versions.
--  ## WHAT TO REVIEW
--  <section id="upgrade-tips" class="services" aria-labelledby="tips-title">
--    <div class="container">
--      <h2 id="tips-title">Practical tips before planning an XWiki upgrade</h2>
++This means that delaying upgrades can increase the window of exposure.
--      <p class="section-intro">
--        A good upgrade starts before the installation step. The most useful preparation is to understand the current
--        platform, identify what is business-critical and validate the upgrade outside production.
--      </p>
++Upgrading to the latest LTS version helps reduce this risk by applying the latest available fixes in a stable, production-oriented release line.
--      <div class="services-grid">
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-code-fork"></i>
--          </div>
--          <div class="service-body">
--            <h4>Check your current version and target version</h4>
--            <p>
--              Identify the current XWiki version, the desired target version and whether intermediate upgrade steps are needed.
--            </p>
--          </div>
--        </article>
++== Stability and compatibility improvements ==
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-puzzle-piece"></i>
--          </div>
--          <div class="service-body">
--            <h4>Review installed extensions</h4>
--            <p>
--              List installed extensions and check whether they are compatible with the target XWiki version.
--            </p>
--          </div>
--        </article>
++Security is not the only reason to upgrade.
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-code"></i>
--          </div>
--          <div class="service-body">
--            <h4>Identify custom code</h4>
--            <p>
--              Review custom macros, Velocity scripts, Java components, UI extensions, sheets, templates and local changes.
--            </p>
--          </div>
--        </article>
++Newer XWiki LTS versions also include important improvements related to:
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-lock"></i>
--          </div>
--          <div class="service-body">
--            <h4>Validate authentication</h4>
--            <p>
--              LDAP, Active Directory, SSO, OIDC, SAML and MFA configurations should be tested carefully after the upgrade.
--            </p>
--          </div>
--        </article>
++* platform stability
++* extension compatibility
++* authentication and integration support
++* user interface improvements
++* performance and reliability
++* bug fixes accumulated across multiple releases
++* better support for modern Java and application server environments
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-database"></i>
--          </div>
--          <div class="service-body">
--            <h4>Prepare backups and a staging clone</h4>
--            <p>
--              Never treat production as the first test. Validate the upgrade on staging or a temporary clone first.
--            </p>
--          </div>
--        </article>
++These improvements are especially important for organizations that rely on XWiki as a central knowledge base, intranet, documentation portal, or business process platform.
--        <article class="service">
--          <div class="service-icon" aria-hidden="true">
--            <i class="fa fa-check-square-o"></i>
--          </div>
--          <div class="service-body">
--            <h4>Create a validation checklist</h4>
--            <p>
--              Test login, permissions, search, dashboards, PDFs, custom applications, jobs, important pages and integrations.
--            </p>
--          </div>
--        </article>
--      </div>
--    </div>
--  </section>
++== Major platform transitions require planning ==
--  ## SAFE PROCESS
--  <section class="split-section" aria-labelledby="process-title">
--    <div class="container">
--      <div class="split-grid">
--        <div class="split-copy">
--          <h2 id="process-title">The safest upgrade is the one rehearsed before production</h2>
++Some upgrades are more significant than others.
--          <p>
--            A production upgrade should not be the first time the process is tested. A staging environment or temporary
--            clone allows problems to be discovered before they affect users.
--          </p>
++For example, the move from XWiki 16.x to XWiki 17.x introduced an important platform change: the migration to Jakarta EE. This also affects the application server layer, requiring environments such as Tomcat 10+ instead of Tomcat 9.
--          <p>
--            This is especially important when the instance includes custom applications, authentication integrations,
--            PDF exports, workflows, advanced permissions or business-critical documentation.
--          </p>
--        </div>
++This type of upgrade should not be treated as a simple file replacement. It requires careful planning, compatibility checks, and proper validation.
--        <ol class="process-list">
--          <li>
--            <strong>Prepare a staging clone</strong>
--            Copy the relevant database, filesystem and configuration into a controlled non-production environment.
--          </li>
--          <li>
--            <strong>Run the upgrade there first</strong>
--            Apply the upgrade, resolve compatibility issues and record the steps required.
--          </li>
--          <li>
--            <strong>Validate business-critical features</strong>
--            Confirm that authentication, rights, search, exports, custom apps and important workflows still work.
--          </li>
--          <li>
--            <strong>Plan the production window</strong>
--            Define backup, downtime, rollback and communication expectations before touching production.
--          </li>
--          <li>
--            <strong>Document the result</strong>
--            Keep upgrade notes, observed issues and follow-up recommendations for the next maintenance cycle.
--          </li>
--        </ol>
--      </div>
--    </div>
--  </section>
++== A safe upgrade process ==
--  ## COMMON MISTAKES
--  <section aria-labelledby="mistakes-title">
--    <div class="container">
--      <h2 id="mistakes-title">Common mistakes to avoid</h2>
++At Agnease, XWiki upgrades are approached as controlled technical operations.
--      <p class="section-intro">
--        Most difficult upgrades are not difficult because XWiki cannot be upgraded. They become difficult because
--        the environment, customizations or validation steps were not understood early enough.
--      </p>
++A typical upgrade process may include:
--      <div class="widgets">
--        <article class="widget">
--          <div class="icon" aria-hidden="true">
--            <i class="fa fa-warning"></i>
--            <h4>Upgrading<br />directly in production</h4>
--          </div>
--          <p>
--            Production should not be the first place where compatibility issues are discovered.
--          </p>
--        </article>
++* reviewing the current XWiki version and infrastructure
++* identifying the recommended target LTS version
++* checking installed extensions and custom developments
++* reviewing authentication and integration dependencies
++* preparing a staging environment when needed
++* testing the upgrade before production
++* planning downtime and rollback options
++* executing the production upgrade
++* performing post-upgrade checks
--        <article class="widget">
--          <div class="icon" aria-hidden="true">
--            <i class="fa fa-puzzle-piece"></i>
--            <h4>Ignoring<br />extensions</h4>
--          </div>
--          <p>
--            Extensions and custom code often create the real upgrade complexity.
--          </p>
--        </article>
++The goal is to minimize risk while keeping the platform secure, stable, and maintainable.
--        <article class="widget">
--          <div class="icon" aria-hidden="true">
--            <i class="fa fa-lock"></i>
--            <h4>Testing only<br />public pages</h4>
--          </div>
--          <p>
--            Login, permissions, restricted spaces and admin features should also be validated.
--          </p>
--        </article>
++== What happens if upgrades are postponed? ==
--        <article class="widget">
--          <div class="icon" aria-hidden="true">
--            <i class="fa fa-file-text-o"></i>
--            <h4>No upgrade<br />notes</h4>
--          </div>
--          <p>
--            Without notes, every future upgrade starts again from uncertainty.
--          </p>
--        </article>
--      </div>
--    </div>
--  </section>
++Postponing upgrades for too long can lead to:
--  ## CTA
--  <section class="cta-section" aria-labelledby="cta-title">
--    <div class="container">
--      <div class="cta-panel">
--        <h2 id="cta-title">Need help planning an XWiki upgrade?</h2>
++* increased exposure to known vulnerabilities
++* more difficult future upgrades
++* outdated dependencies
++* compatibility problems with newer integrations
++* unsupported or harder-to-maintain infrastructure
++* higher troubleshooting costs
++* increased risk during emergency upgrades
--        <p>
--          If your XWiki instance is outdated, customized or business-critical, the safest next step is to review
--          the current version, extensions, infrastructure and validation needs before planning the production upgrade.
--        </p>
++Regular upgrades are usually easier, safer, and more cost-effective than large delayed migrations.
--        <a class="btn btn-primary" href="$xwiki.getURL('services.xwiki-upgrades')">View XWiki upgrade services</a>
--      </div>
--    </div>
--  </section>
++== Who should consider an upgrade? ==
++You should consider planning an upgrade if:
++
++* your XWiki instance is not running the latest LTS version
++* your current version is more than one year old
++* your instance contains sensitive or business-critical information
++* you use custom extensions or integrations
++* authentication is connected to LDAP, Active Directory, SSO, OpenID Connect, or SAML
++* your platform is used as an intranet, knowledge base, documentation portal, or workflow system
++* you want to reduce long-term maintenance risks
++
++== Request an XWiki upgrade assessment ==
++
++If you are unsure where your XWiki instance stands, Agnease can help with a concise upgrade assessment.
++
++The assessment can include:
++
++* current version review
++* recommended target version
++* estimated upgrade effort
++* key security and stability reasons to upgrade
++* infrastructure considerations
++* extension and customization risks
++* recommended next steps
++
++Contact Agnease to review your current XWiki setup and plan a safe upgrade to the latest LTS version.
++
++{{html}}
++<p>
++  <a class="btn btn-primary" href="/xwiki/bin/view/Contact/">Request an upgrade assessment</a>
++</p>
  {{/html}}
--{{/velocity}}
++
++== About Agnease ==
++
++Agnease provides professional XWiki services for organizations that rely on XWiki as a secure and long-term knowledge management platform.
++
++Services include XWiki upgrades, maintenance, troubleshooting, custom development, integrations, security-aware consulting, and long-term platform support.