What we will cover
Is your website warning you to update to the latest version of WordPress? If your site is working well, you might be tempted to leave things alone (if it ain’t broke, why update WordPress?)
We give three reasons why you should update and suggest two ways of staying in control.
Why Update WordPress? I’ve got three Key Reasons
Staying ahead of the hackers
Website security is the most important reason for applying your WordPress updates as soon as you can after release. When logged in to your website, you should receive a notification at the top of the screen in your website dashboard when a new update is available.
The large and active WordPress community will often come across flaws in the current WordPress code which could enable hackers to use tools known as exploits to take control over or attack a website running that version.
Each time WordPress releases an update, it will contain the latest security patches: pieces of code designed to fix the security holes that have been discovered.
But why update WordPress immediately? Is it really that time critical?
Yes, it is. Once a vulnerability has been found by the WordPress community, it is only a matter of time before someone dodgy tries to take advantage. Especially since details of newly discovered security flaws are included in a weekly WordPress Vulnerability Report.
Depending on their resources, hackers could attack websites in bulk or design exploits that specifically target websites running versions of WordPress that haven’t been updated.
Even on a smaller scale, it is very simple for hackers to work out which version of WordPress a website is running and therefore which have not been patched. They only need a standard web browser to view the source code of the website and find the WordPress version details.
Optimising performance – for people and search engines
It is now more important than ever to optimise your website’s performance. Your site should load quickly, respond to actions (button clicks, taps, scrolling actions, etc.) immediately and have a stable display (one that doesn’t shift around with tons of pop-up ads). Google measures these three elements and has given them a fancy name: Core Web Vitals.
Since September 2021, Google uses Core Web Vitals as a ranking factor. In simple terms, your site needs to meet the standard if you want it to show up in Google search. WordPress updates often contain performance tweaks so applying these quickly will help to raise the search profile of your website that much earlier.
Sometimes, a website’s performance is affected by bugs in the WordPress code. Fortunately, the WordPress community will usually find these bugs and alert the core developers who will apply bug fixes in the next update.
So this is another reason to click that WordPress update link.
Access cool new features
While security and performance are two powerful reasons to keep on top of WordPress updates, they are not the only benefits. From minor tweaks to major upgrades, WordPress core developers regularly introduce new features to the community.
For example, in December 2018, WordPress replaced its classic content editor with Gutenberg, a block-based editor. While Gutenberg divides opinion, there is little doubt that it makes building and editing WordPress websites more intuitive, especially for non-techies.
By keeping your website updated, you will be able to benefit from any new features sooner.
Staying on top of your WordPress updates
WordPress developers release both minor and major upgrades throughout the year. While minor updates are released on an ad-hoc basis, there are usually two to three planned major updates each year. It is usually a good idea to set your website to apply minor updates automatically.
Why update WordPress manually at all, I hear you ask?
It is good practice to test major updates on a development site before applying them. While WordPress developers work hard to ensure major updates are backward-compatible, they can occasionally cause conflicts which can lead to some features on some websites breaking or misbehaving.
Rather than risk angering website users, it make sense to test and then manually apply major WordPress updates as soon as possible.
How do I know when I need to update?
Most WordPress websites are set up to automatically apply minor security and performance updates to the WordPress core files.
However, you will need to periodically log in to your website’s admin area (dashboard) to check whether any larger core file updates have landed, or to apply updates to themes and plug-ins.
For a standard single WordPress website installation (with a default dashboard design), you can spot, at a glance, if an update is due simply by looking at the side menu of your site’s dashboard, On the top left, you will see a red circle with a white number next to the ‘Updates’ label. The number tells you how many updates are required.
Clicking on the ‘Updates’ label will show you what those numbers relate to, which will either be the WordPress core files, plug-ins or themes.
How to update WordPress website core files
WordPress core files are updated several times a year in new versions of WordPress. From the updates screen you just accessed, you will see the version of WordPress your site is currently running (e.g. 5.8.2)
If there is a pending WordPress core file update, you will be prompted to back up your website and click a link to install the new version, once you’ve done so. We recommend you follow the advice to back up first, and there are several plug-ins that you can use for this.
Once you’ve backed up your site, you can simply return to the Updates page, click the update link and wait. You should see a couple of interim messages flash up on screen before being notified that the update was successful.
WordPress may also redirect you to a simple tutorial/information page so that you know what is included in the new update.
On the Update page, you may also notice that there is a link to enable automatic updates for all WordPress versions. This is a good idea, from a security standpoint, but be aware that big updates can sometimes cause compatibility issues with themes and plug-ins.
We run through some of these at the end of this article.
How to update WordPress website themes
Your active WordPress theme determines how your website looks to others. Changing themes will completely overhaul your website’s appearance.
WordPress theme providers regularly update their themes to improve their performance, patch vulnerabilities and add new features and design elements.
Updating your WordPress theme is a simple process.
Once again, go to the Updates page and scroll down until you see the ‘Themes’ heading. If updates are pending, you will see a number, in parentheses, next to the heading followed by a table showing the available updates.
You can click the checkbox next to each update or the ‘Select All’ checkbox on the bottom row of the table. Next, click either of the two ‘Update Themes’ buttons.
As with the core files updates, expect to see some interim messages flash up on the screen. As long as you get the ‘All updates have been completed’ message at the end of it, you’re good to go.
How to update WordPress website plug-ins
Plug-ins are powerful programs which add features to your website. As with theme developers, plug-in developers regularly update their code for performance and security reasons.
To update any plug-ins, you need to follow the same process as for updating themes. In other words:
First, go to the Updates page and scroll down until you see the ‘Plugins’ heading. If updates are pending, you will see a number, in parentheses, next to the heading followed by a table showing the available updates.
You can click the checkbox next to each update or the ‘Select All’ checkbox on the bottom row of the table. Next, click either of the two ‘Update Plugins’ buttons.
As with the core files and themes updates, you will see some interim messages followed by the ‘All updates have been completed’ message at the end of it, you’re good to go.
Before you log out of your WordPress admin area, it is a good idea to check the menu. The ‘Updates’ label should no longer have a red circle beside it, indicating that you are now completely up to date and protected.
Potential issues with updates
Now you know how to update WordPress core files, themes and plug-ins we can focus on some of the things that can go wrong with the update process – and what to do about them.
One of the most common issues that occur when updating WordPress files, involves plug-in conflicts.
Most plug-in developers work hard to ensure their plug-ins are always compatible with the latest version of WordPress, but bugs can occur. Since the errors can affect the site as a whole, it is not always easy to work out which plug-in is responsible for a problem, especially if the issue occurred following a WordPress core files or theme update.
Trial and error is usually the best method for determining which plug-ins are to blame. To do this, go to the Plugins page and deactivate all plug-ins. Activate each plug-in individually until you experience the problem.
Once you’ve identified the rogue plug-in, you can either replace it with a different plug-in or reach out to the support team associated with that plug-in.
This is related to the previous issue. Some plug-ins are abandoned by their developers. As time goes by, the chance of incompatibility with later theme and WordPress updates will increase. Since outdated plug-ins may have unattended security vulnerabilities, it is usually best to find a similar alternative.
Plug-ins may also become obsolete. The features they provide may no longer be relevant to a modern website, or they may since have been added natively to WordPress core files.
Lost theme modifications
If you, or your web developer, have made custom alterations to the code in your themes, these will be over-ridden by theme updates.
The solution to this is to create ‘child themes’ based off of the original theme. For help with this, speak to your web developer.
Too many updates
You might come across a rare issue whereby the same update has been initiated multiple times. If you get a warning telling you that an update is already in progress, simply try again later. This time lock is built in to WordPress to avoid file corruption.
Admin lock out
This issue is rarer still but is worth us including because of the stress it can cause. Some plug-in updates can cause you to be locked out of your website’s admin dashboard. The easiest solution to this is for your web developer to edit your WordPress configuration files directly on the server where your website is hosted.
Have we whetted your appetite?
Once you’ve mastered applying updates, you might want to explore some of the other functions built in to your WordPress website.
Our non-technical WordPress Training Courses are ideal for helping business owners and admins to master the running of their own websites, reducing the need for outsourcing support.
To benefit from time with a Vu WordPress whizz, visit our course page and contact us to book your spot.
Do you know anyone who may be interested in this project?
Click to share: