Possible to stay on Version 4?

It is not recommended in any way to maintain a website on the 4.9.9 WordPress release to support legacy code that is poorly written. Although some of the security patches may be backported, scriptbots will target your website seeking out known exploits to access user data. According to WordPress:

“The only current officially supported version is WordPress 5.0.1. Previous major releases before this may or may not get security updates as serious exploits are discovered… WordPress will be backported security updates when possible, but there are no guarantee and no timeframe for older releases. There are no fixed period of support nor Long Term Support (LTS) version such as Ubuntu’s. None of these are safe to use, except the latest series, which is actively maintained.”

Explaining this to your client directly & making clear the security risks is most important. Create a development sandbox on a subdomain & test the WordPress updates for compatibility before you commit the changes to the live production website.

Related Posts:

  1. Why would a WordPress site go into maintenance mode without me doing anything?
  2. How much maintenance is required to run a WordPress server?
  3. Admin user can’t update WP
  4. Why are there updates for obsolete WordPress versions?
  5. WP-CLI not recognizing commercial plugin updates
  6. After updating WP keeps nagging about a newer version. Why?
  7. How can I manually upgrade translations?
  8. Automating the Backup Process (30+ websites)
  9. Update to older wordpress version from admin?
  10. Prevent/Disable Automatic Update Check
  11. Git Deploying – Disabling plugin/theme installation/update on remote?
  12. Update WordPress automatically on its own
  13. How long does it take for theme / plugin automatic updates to initiate?
  14. Can’t preview drafts after upgrade to 4.0!
  15. Find out if there is a available core update?
  16. Why won’t my site automatically apply updates after upgrade to 3.7?
  17. “You have the latest version of WordPress. Future security updates will be applied automatically.”
  18. WordPress with composer, how to handle updates?
  19. Reverting from a newer version of WordPress to an older version
  20. How to automatically update on localhost after editing files
  21. After updating wordpress 4.5 my homepage and images not displaying
  22. Show last time WordPress site was updated / modified
  23. How can I prevent a plugin from searching for updates?
  24. WordPress load-scripts.php encoding issue
  25. Plugin for automated upgrade of WordPress core and it’s plugins?
  26. Why are the automatic updates to WordPress behind the version my site is on?
  27. update Semiologic?
  28. Upgrading themes never works
  29. How can the temporary update directory be changed?
  30. Unable to update wordpress
  31. Still Another update is currently in progress by updating WordPress 5.3
  32. Is there any workaround to a core update still showing after core update if language set to anything other than US English
  33. Prevent wordpress from updating language files
  34. wordpress update will overwrite files changes?
  35. Worpdress update another update is currently in progress
  36. Updating beyond WordPress 4.2.1 yields “allowed memory size exhausted”
  37. Upgrading from 3.5.2 to 3.9.1
  38. Where can I find the corrent version of my wordpress blog?
  39. WP 5 upgrade and ALTER TABLE wp_post … post_password
  40. 4.9.5 broke site behind load balancer, forwards to localhost [closed]
  41. WP-CLI command to update all plugins and core fails when executed from cron
  42. Jetpack Upgrade fails with WP CLI [closed]
  43. WordPress 3.8.1 update error
  44. Updating WordPress core with zero downtime – I mean zero
  45. What file(s) in core control automatic background updates?
  46. How can I quickly get a system showing the “Uncaught Error: Class ‘WP_Site_Health’ not found in” up and running again?
  47. Can’t upgrade WP 5.6 to 5.6.1: version-current.php is missing
  48. WordPress and plugins can’t update (“inconsistent file permissions” error)?
  49. Update WordPress – Another update is currently in progress
  50. Errors when updating plugin through the WordPress plugin repository
  51. Is there a way to schedule automatic WordPress core updates?
  52. How does one dismiss the ‘upgrade notice’ when managing upgrades with SVN?
  53. WordPress updates being blocked by proxy
  54. Keep getting update notifcations despite there is nothing to update
  55. Which directory should be writable to update wordpress?
  56. Increased memory usage after updating to wordpress 4.3
  57. Is it safe to update from 2.6.2 to the newest version?
  58. Can anything go wrong if I let users change their usernames?
  59. Where in the backend can I get information about the current WordPress version I am using?
  60. Where can I see all changes for a new WordPress version?
  61. A shorter way to automatically update WordPress?
  62. check if WordPress website has updates remotely
  63. Updating WP 3.9.5 without destroying my website
  64. After adding mo localization files to WP 3.8.1 install backend shows new update to 3.8.1
  65. WordPress updates
  66. is wpdb->replace() already sanitized?
  67. Cannot upgrade anything in vps install (migrated wp)
  68. Where does wordpress gets its core and plugin updates
  69. I tried updating my Live wordpress site to the latest wordpress version (v4.7) and i encountered some issues
  70. How to keep cache files after plugin update?
  71. Can’t update WordPress 4.0
  72. Theme my login and update user meta
  73. why does installer/update screens not progress on some webhosts?
  74. Avoid removal of a file on plugin update
  75. IP Address Whitelist to Allow WordPress Core Auto Updates
  76. How to modify last posts block without losing modification on next WP update
  77. Disabling forced FTP credentials for any updates
  78. Parent Theme update was not showing on the update page
  79. mystery checkbox in comments area
  80. How to get the date of last updated post or page and put it in the footer
  81. Updates page not showing formating
  82. After WooCommerce-Update fucntion not working anymore
  83. Plugins download & install fine, wordpress update fails
  84. How to allow theme update downloads to WordPress installs only?
  85. FS method direct on NGINX
  86. WordPress Auto Updates
  87. Core update of 4.2.3 changes all link to https [duplicate]
  88. Error on update translation
  89. Not able to Update wordpress to 4.0
  90. update post meta front end
  91. Custom message when wordpress updates are available
  92. WordPress Updates 3.5.2 to 3.8 Any Problem? [duplicate]
  93. How can I upgrade wordpress with manual?
  94. disk was full but wordpress still having issues
  95. Avoid loosing changes to theme
  96. Manually updating WordPress files
  97. Hook or function to check if performing a WP Core update?
  98. cURL error 28: SSL connection timeout while can download the plugin file
  99. WordPress recommending to downgrade instead of upgrade?
  100. WordPress is updating only patch version and not minor