Yesterday I was talking to a DM person on Twitter who was telling me about her problems with CMS updates and the headaches this hellish world of keeping websites always up to date and stable represented for her.
I will not hide that keeping WordPress plugins and themes up to date is very important, as well as keeping the kernel always updated to the stable version. Updating WordPress plugins and themes will not make your website jump.. Keeping your installation stable should be one of your maxims when working as a blogger or managing an e-commerce site with WordPress.
The conclusion of the conversation was what you can imagine, right! well that
postpone updates for another day when you have more time, which will be one of those tasks to procrastinate in an indefinite loop in time and your website will end up dying of shame for remaining anchored in the past.
It will not be responsive, it will not have the latest improvements applied to the Customizer, nor can it make use of the simplified updates and a lot of improved or new functions that each version that lands on the dashboard brings with it.
How to check if your WordPress installation allows automatic updates?
It is possible that at some point you have disabled them, due to ignorance or simply because you want to have details of everything that is updated in your installation and thus be able to keep track of changes and how they affect your theme or other installed plugins, so that avoid conflicts after updating.
WordPress.org long ago developed a plugin that allows you to quickly check if your website communicates well with the update service so that when new minor versions of the kernel are released, you can receive them and apply them without your intervention.
The plugin is called Background Update Tester and although it has been 2 years without updating, it seems that to date there are no vulnerabilities that require updating it.
In any case, it is a plugin for use on demand, that is, you install it, you check that your installation can receive updates and if everything is correct you can disable it or directly uninstall it, its mission ended just after informing you.
Once installed and activated you will find it on the dashboard, in the left side menu as Update Tester.
Click on the plugin title and wait for WordPress auto update checks to be done (core only) without your intervention.
eye! The plugin will not update anything, it will only check if when the case comes that there is an update available, your website has the ability to do it alone, while you use your time for more fun things.
The results are immediately visible.
If the test was positive you will already know that when WordPress.org releases new minor versions of the kernel, whether security or maintenance, your installation will apply them automatically and unattended.
If, on the contrary, some red error notice, you will have to check what is the cause. A restrictive Firewall plugin, a very restrictive Server Firewall, blocking updates in your wp-config file or other possible causes that you will have to check and correct if you want to receive automatic kernel updates.
Are you afraid of breaking everything, of WordPress exploding for updating? … well I’m sorry to tell you that WordPress Does not explode!, it doesn’t break or run when you update it.
Simply doing things right, the results will be as expected and you will not have to put your hands on your head.
- Make backup forever! yes or yes, before updating anything.
- Make a backup… ah! that I have already said, hehe, well I insist Make it!
- Deactivate any security plugin you use: Wordfence, iThemes Security, etc.
- Do you hide access to wp-admin? well disable it, that for a while nothing will happen.
- read “See details of the X.x.x version” Before updating it, find out what news or improvements that update brings.
- Check if your theme or plugin supports updating (it takes 2 minutes to verify it on the plugin / theme website).
- Don’t update in bulk Are you in a hurry ?, It is better one by one and verifying results and behavior.
Your website is your workplace in most cases, possibly it is the income that supports you and in any case it is an important place for you to take precautions and do things slowly and analyzing before and after each action The first one that benefits is you and then your clients, readers or visitors.
You will have probably already read around there, perhaps in Codex, that adding filters in the file wp-config.php like these:
add_filter( 'auto_update_plugin', '__return_true' ); add_filter( 'auto_update_theme', '__return_true' ); add_filter( 'auto_update_translation', '__return_false' );
You can go to sleep peacefully, that the themes and plugins will be updated by you, or not!
Surely you add them and / or cause a 500 error and leave the dashboard whiter than the white lime wall on which my dear friend Manuel leans in the afternoons (no, no, the one in the song is another Manuel)
Well, this is how white your installation will be if you add filters without having control of what they do, how and where.
Look, I’m from the old school and I like to see things happen, to know where and how they happen, because of getting your hands on if smoke starts to come out, which is already known, we started by putting codes on Tuntun and ended up setting fire to WordPress … sorry, I remembered my friend, the one on Twitter and her problems with upgrades hahahaha!
… ufff it shows that I am happy, because when I start like this my clamp goes a lot and I end up telling you how I loaded the positioning of my website for messing around too much with “some insane plugins” ..but I’ll tell you about it another day.
Come on, let’s get serious, let’s leave the filters for the elderly and we better continue using plugins that at least give us the feeling that everything is safer and the damage is contained, what worse things could happen?
Do you want to have a detailed control of what can be updated?
I would tell you that the best filter of what can or cannot be, and what should be updated is you and your common sense, but preventing me from getting a pearl, I prefer to reveal that there are plugins for this too hehehe, so everyone happy.
Nor is it about inflating the installation with plugins, but if you manage many sites, you do not have much time to keep track of changes and always have an incident response system in place, it is best to leave your installation automated (or all that you manage) which can and cannot update each one automatically.
Of course, if you do this, it would not hurt to install a change control plugin that allows you to at least have a record of what has happened on the dashboard in your absence Don’t say I don’t warn you!
The plugin Advanced Automatic Updates It will give you extra powers so you can decide some aspects of those neglected updates.
You install it and activate it, as usual and the next thing is that you go find it in the Settings section, Advanced Automatic Updates and activate what you think is necessary for your installation.
Remember that since WordPress version 3.7, minor kernel updates, if you did not deactivate them, are carried out by themselves so your intervention is not required.
The plugins and themes are not covered in this automatic update process and unless you use the aforementioned plugin, you will have to do them by hand when you remember or have time!
That this plugin does not convince you, because nothing happens, it will not be by plugin, come on I say! there are as many as days the year has … and more, it is only to analyze them first, see if they increase the load of your site, if they do not conflict with others already installed and in use and if they convince you “use them” that is what they are for.
I personally like it WP Updates Settings, which is fun, was updated a little while ago and has many options to use them.
Once you activate it, after installing it, you have to configure it in Settings, Updates so that it has the behavior you want in the face of updates.
What can you do with this plugin?
- Show / hide the update notification on the dashboard.
- Use WordPress default behaviors against updates.
- Activate / deactivate the update functions for dashboard users (Admins).
- Automatic core background updates major.
- Automatic minor background updates to the kernel.
- Automatic background updates of plugins.
- Automatic background updates of themes.
- Automatic background updates of translations.
- Email notification of updates.
- Turn off restore WordPress default behavior.
- Uninstall restore WordPress default behavior.
Evaluate it and decide if you need it, if you consider yourself forgetful of the updates that postpone this type of task, or if on the contrary you are a crack of the updates and you have more than enough to do it yourself without the help of plugins.
That you don’t want the WordPress core to update without your permission?
Well, it will be enough that you edit from your Hosting Panel (cPanel), Files, File Manager, the file wp-config.php and add the following constant:
And of course, as soon as you save the changes in this file, the following minor updates will be announced on the dashboard, but they will not be done if you do not intervene directly in the process.
Thanks to Maria Jose, Sysadmin on Websites Are Us, without your feedback it would have been less fun to write this article to make you aware of how important it is to update the WordPress kernel … and also the themes and plugins of course!
It is no longer certain who more firewalls, antivirus and honeypots put in your WordPress installation, but who keeps core, themes and plugins up to date and it does things in a programmed way and attending to the needs of its website.