Dealing with WordPress Updates
Written by: Zack
August 22, 2016
WordPress is an amazingly useful tool. We use it on approximately 85% of our projects, and it is used by approximately one-quarter of the entire Web. A new major version of WordPress is released every 3 or 4 months with a variety of new features. There is a vibrant development community surrounding it, and there are thousands of plugins available to augment the default feature set. Many developers specialize in WordPress development, so there is always support available.
However, all that flexibility and improvement comes at a cost: if you want the newest features and improvements, you will need to be running the latest version of the software. That means you will need to periodically install updates.
Updates Break Things
Unfortunately, it’s not quite as simple as that last sentence would make it sound. First, you have to remember to install the updates, which can be a bit of a challenge. You have a lot of work to do to fulfill orders, complete work, etc., and updating WordPress and plugins is likely not your highest priority.
Second, even if you do install them, updates run the risk of breaking things. Typically, updates pose no problems. You click “Update” in WordPress, and the software downloads and installs the latest version. However, from time to time, a developer will want to add a bunch of new features, and clean up their design at the same time. Despite their best efforts, occasionally something will be slightly incompatible, causing your site to display improperly or break.
So then you ask: Can we just skip updates then? If my site is working fine, and I don’t need whatever the latest improvement is, then I don’t need the update right?
Updates are Imperative
You could reasonably assume so, but unfortunately you really do need that update.
Here’s why: from time to time, someone will make a mistake in a plugin, or less frequently, in WordPress core itself, that causes a security problem. An update will be released to resolve the issue. These problems, if not addressed, can lead to your site being hacked.
For instance, we recently mitigated an issue with a theme on one of our sites where anyone on the Internet with sufficient knowledge could obtain full access to the site. No permanent damage occurred, but if left unhandled for a while, I would hate to see what would have happened.
(It should be noted that security updates to WordPress core itself are installed automatically and rarely break things. However, that is not always the case with plugins, which tend to be more of the problem.)
So how do you properly handle updates then?
Well, it’s complicated. There’s no easy way to tell if a plugin update will break things without trying it.
Here’s a rough overview of what we do:
- Make sure there’s a backup of the site. (For us, we have to make sure we have backups anyway, so this isn’t a huge deal, but if you don’t already have a robust backup, make sure you do before updating.)
- Think about it. If we’re doing anything that will obviously affect one of our features, we take that into consideration.
- Run the update.
- Check for breakage.
- Fix any breakage. If we can’t fix it immediately, we can restore the backup and fix it later when we have more time.
We also have the benefit of working on many sites, so if we run into an issue on one of them, we know about it when we do the rest.
In summary, updates are an absolute requirement for WordPress websites for security reasons. They can be tricky to do properly. They seem like they can be done by just anyone, which is true, but in the event stuff breaks, someone with technical skill will be needed to fix it. If you want to manage your updates yourself, make sure you have a good backup that works. If you don’t have time to deal with it, you may want to have someone else handle it for you, and that’s where we come in! We are a full service Internet Marketing Agency, so not only do we build excellent fast websites that are optimized for search, we also manage them on an ongoing business and make sure our clients sites are up-to-date, secure, and backed up. Contact us today to learn more!