Updated on Nov 29, 2022
The longer you put off updating, the more difficult it will be. Some updates expand on previous ones. Changes to templates and how data is stored in the database that is more easily managed in increments may be made. Furthermore, and perhaps more importantly, updates can be critical for security. As a result, even a few days delay in performing a critical security update can put your site at risk. When a security vulnerability is discovered, the exploitable code is made public on the Internet. Hackers can quickly create bots that crawl the web and exploit these vulnerabilities.
The most common way hackers gain access to your site is through outdated themes, plugins, and WordPress versions (besides brute force hacks of your login). Even deactivated themes and plugins can expose your system. The following are best practices for keeping your website current.
Many people provide maintenance plans to help you stay current. The issue with some of these plans is that they provide updates on a weekly, monthly, or quarterly basis. That approach does not work because security vulnerabilities necessitate timely updates. Those updates must be made as soon as possible rather than on a set schedule.
This post includes:
Plugins that run solely in the Dashboard and have no front-end interface are usually safe to update automatically, such as:
Plugins with a front-facing interface that you should manually update and then thoroughly test (or update on a staging environment first) include:
Make a recent, good backup of your site that you can restore from if an update or upgrade goes horribly wrong. Learn how to back up your files and database in this post. Make a FULL SITE (aka Complete) BACKUP and a DATABASE ONLY backup. Save both of these backups to your computer.
Important: Limit the size of your backups! Large files and upload folders should be avoided.
There are several approaches to building a WordPress staging site. The most straightforward option is to use your hosting provider's built-in staging site feature.
Check our guide on how to use the VersionPress Plugin.
Here's a general guide to help you tell the difference between updates, which usually don't break your site, and upgrades, which can have serious consequences.
Changelogs will tell you whether a major update was made or if minor bug or admin interface fixes were made, as in these two examples:
Every developer uses different numbering system, so this is not a fault-proof guide, but it can help inform you of major revisions you should approach with caution. The only way to truly know what has changed with the plugin or theme is to read the change log.
For premium plugins, always enter the license key. Take a look at the Envato plugin example below.
Purchase premium plugins, even if they come with the theme. Theme developers may be slow to update the plugins that come with their themes.
Updating themes can be tricky because it will overwrite any customizations you've made to the theme's files (if they were not made in a child theme), as well as any theme options you've set.
Here are some things to remember:
The latest and greatest WordPress themes, like cars, have a lot more bells and whistles and require more time to update. Current WordPress themes have a lot more moving parts and features that work together. They are more robust and interesting, and will do everything except wash your dishes, but they do require upkeep, which can be time-consuming if the code has changed significantly between versions.
Some WordPress versions will clash with your out-of-date themes or plugins. For patches, such as 4.0 to 4.0.1, click the Update button, just as you would for themes and plugins. With major updates, such as 4.0 to 4.1, you should ensure that your existing plugins and themes are compatible.
It's a good idea to test the update on a local copy of the site. Except for one site that used the WordPress Multilingual (WPML) plugin, I had no problems updating any of my sites from 3.9.2 to 4.0. Many people had problems updating the WPML plugin. During the update process, I discovered that I had other issues with the site. For starters, I needed to update my theme! So I backed everything up, performed all of the updates locally, resolved any issues, and then copied the site back to the live site.
We usually check our plugins on WordPress.org or the plugin forums to ensure they are compatible with the most recent version of WordPress. If the WordPress upgrade includes a jQuery library update, the update may conflict with the jQuery library used by your plugins or theme. This will cause some jQuery functionality, such as your theme's slider or Ajax content editor, to stop working properly. The theme, as well as WordPress, must be updated.
If an update to a plugin or theme fails miserably, simply replace the theme or plugin files with the backup, you created above. If you're using a backup plugin, you can unzip your full backup and then FTP the old version of the theme or plugin to the wp-content → themes or plugins folder, overwriting the new version.
If the upgrade issue was related to a plugin on WordPress.org, you could reinstall the older version of a plugin easily without needing to go to your backups:
If you are not using VaultPress or don’t have access to a one-click restore of your site, you may have to restore both your files (via FTP) as well as your database manually. These instructions are a bit long, and I usually restore databases a bit more cavalierly. However, since I’m giving advice to you and not sure of your skill level, I want to make sure you don’t inadvertently delete the wrong database.
First, you will need to download the backup of your database you created before you upgraded. If you are using a backup plugin, unzip the database backup you created. You should see a file that ends with .sql.
If you use BackupBuddy, you can use the importbuddy.php script to restore the database and overwrite the old database tables instead of creating a new database.
First, if you broke the live site, you should restore it from a backup. If you are working in a staging environment, you can troubleshoot the site and move forward by using the following tips:
If other people have had similar issues, there's a good chance the solution (or at least an ongoing discussion) is waiting for you there.
If a slider or other plugin feature fails to load properly after upgrading, you may need to click SAVE CHANGES or UPDATE to reconnect the slider or feature to the page or layout. Check that all of the images and other settings are the same as they were in the previous version. Sometimes major updates contain so many changes that you must re-select all of your options. Some updates simply require you to click a button to Save the options in order for them to work again.
Some shortcodes in plugins or themes may have changed, so read the documentation and use the correct shortcodes.
Your site may appear to be broken after an update/upgrade, but this could be due to various cached files interfering with the proper loading of the site. Conflicting cached files can lead to erratic behavior. Log in to your WordPress Dashboard and delete any cached files in your caching plugin, followed by clearing all cached files in your browser. Try viewing or logging in using a different browser.
CSS style modifications may not be applied to your new theme or plugin for a variety of reasons:
If your WordPress site breaks, you can check our article on How to Fix the Blank Page Issue on your WordPress Admin Dashboard.
By eliminating variables (such as removing all the plugins and themes) and turning on the debug feature, you can narrow down the source of the problem. You may not be able to solve the problem, but hopefully, you will have narrowed down the source of the issues.
We hope you get how important it is to update your WordPress plugins and themes securely. If you have any troubles, you can always turn to our support experts with hosting-related questions. Contact our specialists via Live Chat or with the help of our ticketing system. We work 24/7 to make sure your project is a success.
We hope you find this article useful. Discover more about FastCloud - the top-rated Hosting Solutions for personal and small business websites in four consecutive years by the HostAdvice Community!