Avoid being hacked, keep WordPress up to date and enjoy more stability and new features

For anyone who’s ever built, maintained, worked with, or owned a WordPress site, they know how common it is to see that “WordPress X.X.X is available! Please update now.” message at the top of their dashboard. Is it really that important to keep your WordPress website up to date?

The answer to that questions isn’t necessarily a clear cut “yes”, but in general, it is important to keep it as up to date as possible. So now the question becomes, how do I know when I should update my WordPress website and is it as simple as just pressing that “update now” button?

This post is intended to look at the reasons why it’s important to keep your WordPress sites up to date, how you can determine if the latest release requires you to do an update, and when an update is required, what steps should you take to make the process as seamless and error free as possible.

So lets get to it.

Why is it important for me to keep my WordPress website up to date?

There are a couple of reasons, some more important than others.

Security Updates

Because of its popularity and high volume of use, there are a lot more hackers working to find ways to break into WordPress websites than other similar platforms, simply because of the number of sites they can take advantage of once a back door is found. Gaining access to your site via these back doors allows hackers to inject malicious code into your website that can cause a wide variety of problems.

As a result of this, as these issues arise, WordPress developers patch the vulnerabilities and release new versions for users to update to. This ensures the security of their software does not continue to be compromised.

This is the main reason for keeping your WordPress install up to date.

Bug Fixes

Even with the most in depth testing process, bugs will exist in the code that will cause issues, however minor they might be. Any time new features or functionality are added to a piece of software, the likelihood of bugs existing increase, simply because more code has been added.

This requires developers to be constantly working to fix issues that come up, priority being given to the most serious of problems. Every new release of a piece of software will include fixes to bugs that have been found since the last release.

Another good reason to update WordPress.

New Features and Additional Functionality

Finally, as a piece of software grows, both in popularity and in size, new features and functionality continue to get added to improve the overall experience and to continue to make the product better. As tempting as it might be to upgrade every time a new feature is added, be wary of this reason as new features mean the potential for new bugs and new security flaws. In other words, don’t make this the only reason you run an update.

How can you determine if you should run an update?

Before you do any update to your WordPress install, you should check out the WordPress Blog. Every time they post a new release, they add a post to their blog explaining what was included. After reading the post, you’ll have a better idea of what is included in the latest update and whether or not it will positively effect your install.

With regards to plugins, you can visit the homepage for each plugin. There, you will find a tool in the right hand sidebar that allows you to select the WordPress and plugin versions and it will tell you the compatibility. That should give you good information as to whether or not to update, and if so, to what version.

Another factor to keep in mind when deciding whether or not to update is to identify its release type, for example, a Major Release (3.8, 3.7, 3.6, etc…). Major releases tend to include new features and functionality that haven’t yet been released to the public, and as explained above, those releases may be more likely to include bugs and/or security flaws. Because of this, it may be beneficial to wait for the subsequent Maintenance Release, which tend to include bug fixes and security patches.

It might be important to ask yourself if this is something you can do on your own or should you contact an expert to help with the process.  If your site is large, uptime is important, you have custom functionality, or anything else along those lines, you should go to an expert.

How should you go about doing an update?

If you can avoid it, you should never update WordPress on a live install. If anything goes wrong, your users may not be able to properly access your site. And depending on the nature of your site, this could be detrimental to your business.

So then, how should you handle performing an update?

  1. Install a version of your site on a development environment.
  2. Perform the WordpPress update on the development environment.
  3. Perform any and all theme and plugin updates.
  4. Test the development version of your site thoroughly.
  5. Fix any issues that may have been caused by the updates.
  6. Backup your live site; code and database.
  7. Merge your fixes and the updates with those on your live site (possibly via a deployment process).

This may seem like a lot of work to update your WordPress sites, but to ensure that the everything goes as smoothly as possible and limit the site downtime, it is imperative to follow this process, or at least one similar to it.

Wrapping it up!

To summarize, is it important to perform regular updates of your WordPress installs? To ensure you’re up to date with security updates and bug fixes, it certainly is important. But before you do your updates, check out the WordPress blog to ensure that the changes are worthwhile, and when you finally get to updating, make sure you follow the right steps to make it as safe and seamless as possible.