The ability to update WordPress core, themes and plugins from within the Dashboard is quite amazing. It has taken a process that was at one time tedious and made it incredibly simple. Anyone can do it. All it takes is a few clicks and you’re running the latest versions of everything.
When you think long and hard about this, however, it may make you break into a cold sweat. That’s because, as great as this feature is, there are no guarantees of functional harmony. Applying an update could, in some instances, break your website – or at least cause a buggy nuisance or two.
To be sure, there’s some risk involved. This is harrowing enough if you maintain a single WordPress website. But for those of us who are responsible for multiple client websites, the pressure can really add up.
So, how do you deal with it? Take a deep breath and think ahead. Create a solid plan and processes to carry it out. Let’s take a look at some techniques to mitigate risk and give you some peace of mind.
1. Prepare for the Unknown
If you’ve ever logged into your website, saw that there were updates available and applied them without a second thought, you’re not alone. This is how a lot of WordPress site administrators (both hobbyist and professional) get things done. Bonus points for each time you’ve applied updates this way with no negative effects.
But what if something had gone wrong? What would you do?
A worst-case scenario involves hurriedly trying to piece a broken website back together (Hint: it’s not fun). To avoid this, it takes preparation.
Thankfully, it’s really not that difficult. Here are the very first lines of defense in avoiding an update disaster. Even better is that, after the initial set up, each of these solutions can be automated to a degree. This saves you time while also providing much-needed protection.
Keep Website Backups
One of the easiest ways to guard against the consequences of an update-gone-wrong is to have a set of recent site backups available. This will allow you to roll back to a working configuration. From there, you can go on to fix any issues in the background (more on that below).
Web hosts typically run daily backups or will at least provide you with a method for doing so. While this is a great feature, there is also a real benefit to having offsite backups as well.
This can protect you in the event of a server outage and enable you to reach your site’s files and database. It’s a lifesaver should you ever need to quickly move your website to another server. No, it’s not exclusively related to software updates, but important all the same.
You can take the extra step of keeping offsite backups through the use of a plugin or via an all-in-one site management dashboard such as ManageWP, InfiniteWP or even Jetpack. They can put a copy of your website on a cloud service (Amazon S3, Dropbox, etc.), providing another layer of security.
Use a Staging Environment
Another important part of being prepared is having a staging environment. This is a separate, private installation of your website that allows you to test software updates before applying them to your production site.
The beauty of this setup is that you can discover potential issues without any negative impact to your public website or its visitors.
The beauty of this setup is that you can discover potential issues without any negative impact to your public website or its visitors. If something doesn’t work as expected, you have a hidden spot to quietly get it resolved.
There are a variety of ways to integrate staging into your workflow. The simplest is to find a web host that provides this functionality. Some even have a “one-click” process that enables you to build a staging site and push updates to production.
Short of that, you may have to create a clone of your website and install it elsewhere. This could be a separate spot on your web host or even your local machine. To make for a more seamless experience, you might integrate version control through a tool such as Git.
Regardless of how your staging environment is set up, it can be a huge help in preventing buggy code from finding its way onto your website. It’s highly recommended – especially for busy sites and/or those that take transactions.
2. Get to Know Your Updates
Site backups and a staging environment are only one part of the equation. The other part is in understanding which WordPress updates are available, what they do and prioritizing them based on that information.
This goes beyond just looking at the names of the items on the Updates screen. It requires a little bit of research to ensure that you’re making the best decision possible when it comes to updating. Here’s what you should know.
Not Every Update Is an Emergency
Sometimes, it feels like the updates displayed in front of us are a bit like a “Breaking News” headline. We tend to treat them with immediate attention. And, while it’s good to stay in the loop, there are some downsides.
Some updates are more important than others. Just because there’s an update available for a plugin, doesn’t mean it needs to be addressed right this minute.
The truth is that some updates are more important than others. So, just because there’s an update available for a plugin, that doesn’t mean it needs to be addressed right this minute.
For example, let’s say that there are two plugins (Plugin A and Plugin B) on our website. Each has released an update:
- Plugin A has added an “awesome” new feature;
- Plugin B has fixed some undisclosed security flaws;
While new features are great, security fixes are vital. In this case, Plugin B should get immediate attention.
So, how do you know which updates are a priority? Check out their changelog. For most plugins and themes, you can find a link to it within its listing on the WordPress Updates screen.
Identify Potential Issues
In general, bug and security fixes are the updates you’ll want to move to the head of the line. Other updates, like feature additions and minor tweaks, don’t necessarily have to be applied right away.
New features can sometimes have unintended consequences. They may not work as expected with your particular website or cause conflicts with other software.
So, before you update, it’s worth checking out the support forums. If your theme or plugin is listed in the official WordPress repository, visit its support section and see if other users are experiencing problems.
Software from other sources may take a little more sleuthing. The author may have their own support portal or you might find information on a site like Stack Overflow.
The bottom line is that it’s good practice to have some background information about exactly what’s changed and any potential consequences. This can save you from unwittingly installing problematic software (and the subsequent cleanup).
WordPress Core Considerations
Updates to WordPress core should be given the highest priority. They often include important changes and are also extensively tested before being pushed out, increasing reliability.
Releases can be lumped into two general categories:
Major Releases
Major versions tend to have a mix of new features and security/bug fixes. In most cases, these updates go fairly smooth. However, there can be some situations when holding off for a little bit makes sense.
For instance, as WordPress starts to require higher versions of PHP, you may not be able to update right way if your site isn’t compatible. It’s also possible that a legacy plugin (one that isn’t actively maintained) could break upon updating core.
Again, this is where a staging environment can be a huge help. It’s better to find this out ahead of time, then put a fix in place.
Minor Releases
Minor version updates usually focus solely on bugs and security concerns. Depending on your website’s configuration, they may be automatically installed when released. This is generally a positive, as it can protect you from any known or zero-day exploits.
If you have a mission-critical website, though, you may prefer to turn off those automatic updates so that you can conduct some testing first. Afterwards, be sure to apply these minor releases as soon as possible.
3. Consistency Leads to Better Results
If there’s one overall takeaway from this guide, it’s that updating a WordPress installation requires some rational thinking. Take things one step at a time.
As we’ve discussed, you should first build yourself a safety net in the form of website backups and a staging environment. Staging will help you detect problems, while backups allow you to quickly recover should the unexpected happen.
Next, take some time to learn the intricacies of your website. Get to know the active theme, plugins and server environment. When updates are available, read the appropriate changelogs and browse support forums. This will provide vital information about what’s being changed and any complications others are experiencing.
Utilize the same approach consistently on every website you manage.
Finally, once you’ve got a good system, utilize this approach consistently on every website you manage. This might sound daunting, but there are tools out there to help. And, once you develop a process for updating, it gets easier over time.
Go Forth and Update
Thanks for reading our guide to updating your WordPress site without breaking things. With the right systems in place, updating WordPress should not feel like risking disaster. Hitting that update button without a plan can be dangerous. But following the steps above will remove most or even all of that risk, and save you from lots of maintenance headaches down the road.
For those of us with enterprise-level websites, I wish that plugin developers would allow for enterprise-level updates where the process could be split into security patches, general bug-fixes, and feature improvements. All too often I’ve not been able to apply updates to my sites (in a timely manner) because a plugin developer decided to change how his plugin works by default, and he didn’t think about backward compatibility. It would be great if I could only apply security patches to a plugin. That would allow my sites to have a Long Term Support (LTS) type of environment, rather than one that is always changing in unexpected ways.
You make a great point. Everything is so subject to radical change and we rarely get any time to prepare. Part of it is the hodge-podge manner of the plugin ecosystem. Anyone can create a plugin, which is great. But it also means some authors have very different update practices.