Build & Transform · Legacy Modernization
When the site that started small has grown into an unmaintainable mess of plugins, custom code, and forgotten workarounds — and the cost of starting over is higher than the cost of fixing what's actually there.
When this makes sense
Cleaned up, then reinfected. The vulnerabilities live in code nobody owns anymore — old PHP, abandoned plugins, custom theme work no one has time to audit. Modernization closes the doors security tools can't keep shut on a legacy stack.
ADA and WCAG 2.2 accessibility. GDPR, CCPA, and the growing patchwork of state privacy laws. The legal bar moved while the site stood still. Each new requirement adds a layer the legacy architecture wasn't designed to support.
Content was hardcoded into theme templates years ago. Routine copy changes turn into engineering work. Editorial velocity has collapsed.
The original developer is gone. The custom plugins were never documented. Every change risks breaking something nobody knows how to fix.
Forty-plus plugins. Three different page builders, half-installed. Constant version conflicts. Each one a CVE you have to track.
The hosting environment is moving forward; the site can't follow. Plugin authors stopped patching for your stack. "Just upgrade" breaks too much to attempt without a plan.
What gets built
Selected work
Details anonymized; specifics available under NDA.
Legacy Modernization
Replaced a broken Gutenberg-heavy enterprise build with ACF Flex content models, fixed SEO and accessibility at the architecture level, and gave the internal team a backend they could actually use. The frontend stayed pixel-identical so external traffic and inbound links saw no change — all the upgrades happened underneath.
Read the case study
Managed Hosting
An international music festival came to us with a site that crashed during peak traffic, a usability problem, and a previous backup compromise that had cost them production data. We rebuilt the site for speed, accessibility, and ease of use, then put it on managed hosting with backups stored in two separate secure locations.
Read the case study
Common questions
Less about age, more about state. The patterns: 20+ plugins serving overlapping functions, custom code by developers nobody understands or was poorly written to begin with, a theme that’s been heavily modified directly instead of via a child theme, PHP or WordPress or plugin versions that are years behind current, the team’s afraid to update anything because the last update broke something, or the site has been compromised. If two or three of those resonate, it’s a legacy site even if it’s only 3 years old.
Maintenance keeps the site running as-is: security patches, plugin updates, content edits. Modernization restructures the underlying architecture so the site can keep running for years to come. Most legacy sites have skipped modernization for so long that even basic maintenance has become risky; modernization is the work that makes routine maintenance safe again.
Not if it’s done right. The standard modernization path is: stand up a parallel staging copy of the site, do the modernization work there, run it through user testing with the current site as the comparison reference, then cut over only when the modernized version is verified working. Production stays untouched during the modernization phase.
The audit comes first: every plugin gets categorized as essential, redundant, can-be-replaced-by-code, or abandoned. Most legacy WordPress sites are running 30-50% more plugins than they need. We consolidate overlapping functions, replace plugins serving simple needs with lightweight custom code, and document what each remaining plugin does and why it’s there. Result: half the surface area for security issues, performance problems, and update conflicts.
Yes, many modernization engagements can be architecture-only with the existing design preserved. That said, modernization is often the right moment to redesign too. The honest reality: if your site is legacy enough to need modernization, the design has likely aged into conversion, SEO, accessibility, or compliance problems that a refresh addresses for cents on the dollar versus tackling them as separate projects later. Most of our engagements include a fresh design alongside the modernization work because the cost efficiency and the outcomes both argue for it.
The hidden costs of running a legacy site usually exceed modernization costs within 18-24 months: emergency security work after compromises, hours lost troubleshooting plugin conflicts, the productivity tax on editors afraid to use the site, lost revenue from outages, and the slow accretion of technical debt that makes every future change more expensive. Modernization pays back as a one-time investment that removes the recurring tax from the budget.
Recent thinking
The scenario is common enough to count as a category: a business has five or six domains, each with a WordPress site of various vintages,...
Read the article
Custom WordPress frameworks were a reasonable answer to a real problem. Vanilla WordPress, circa 2015, didn’t have built-in environment management, didn’t compose well with Composer,...
Read the article
The Options API in WordPress underwent a meaningful architectural shift across the 6.6 (July 2024) and 6.7 (November 2024) releases. Core now actively manages the...
Read the articleNo proposals. No pitch decks. Just a conversation about your project and whether I'm the right fit to build it.
Start a Conversation