“How often should I update WordPress, plugins and themes” and “Do I really need to” are questions I get asked quite a lot! So, I thought it was about time I put my answers into a blog to explain it in more detail.
If WordPress updates were only for adding features, you could justify not updating a site that doesn’t use or need those features. But there is more to it than that, it is also about website reliability, bug fixing, and improving security. Therefore, most updates should be applied as soon as conveniently possible; not updating obviously puts your website at risk.
WordPress, out of the box, can provide a lot of tools to create your website, but there may be certain requirements that WordPress can’t meet. That’s where plugins and themes come into play. However, the majority of these are created by third party developers. So whilst they will have their own schedule to also improve reliability, bug fixing and improving security, they are written for the current version of WordPress. So naturally when WordPress release an update, they need to throw in another update too (to ensure their code is still compatible and the plugin still works like it should).
The more plugins used on your website, the more updates that are needed. To give you an example of where you might use these, things like; social media feeds, Mailchimp or CRM integrations, chat bots and pop-ups, not to mention optimisation, security, anti-spam or virus checking tools.
When you install WordPress it comes with a few themes. As I use Divi themes, I remove the WordPress ones after Divi has been installed. Leaving themes or indeed plugins installed that are not needed, not only takes up additional space on your site, but can also create possible security issues, if left out of date.
How do you perform WordPress Updates?
WordPress release two types of updates:
- Major releases where a lot of new features are added in, and possibly areas of the software have been developed to work better,
- Minor updates to fix any issues that have come from earlier releases, tighten up security or add smaller additional features.
But there are times when an update could break your site. Let’s say WordPress has been updated and one of the plugins you are using isn’t compatible with that version. You need to be able to roll back, if you need to.
Below are the steps I take when doing updates:
- Ensure I have the latest backup of the site, or take a fresh copy
- Update WordPress core
- Update WordPress plugins one at a time. (if the site has issues, you then know exactly which plugin to disable / fix, to bring it back online)
- Update your website theme
- Post update website testing to check it all still looks and functions like it should.
Can WordPress updates be automated?
Minor updates to the WordPress core files can be automated and as these updates are usually safe to apply and can address security issues. This is something that I would recommend activating as it will take care of security issues as they crop up.
Major releases as well as plugin and theme updates, however, can create issues. Also, no one is there to check and test the site afterwards. It could break a site and you may not be aware it’s gone down….or which plugin caused the issue if multiple updates have been done at once. That then takes more time to identify the issue and resolve it, meaning your website is offline for longer than it need be.
How often should I run updates?
As updates are released all the time, I always recommend these are carried out on a monthly basis. You can see from my steps above that running through a safe update process takes time and resources.
I always receive notices when an urgent update has been released, and these emails state what and why. If it is security related, then I will do the update as soon as I am able too. But with some updates (like those that happen on your mobile phone), it isn’t always wise to be the first person to do it! If the update isn’t urgent, then I save them up and perform all the updates once a month. That way any issues that have been identified have been ironed out before-hand by the developers.
Running all updates periodically will help keep things running smoothly and compatible with the latest technology and software the web relies on. If you don’t update, I guarantee you will end up being hacked sooner rather than later. Any business owner that has been through this will tell you it’s not a pleasant situation to be in.
Do I have to pay someone to do this?
No, not necessarily, so long as working in the back end of your website is something you are comfortable doing. I’m not saying that to force you to pay someone to do this, but just because you have scheduled in time to do the update, doesn’t mean someone will be available to fix it should it all go pear shaped.
But is this something you really want to be doing? For a small monthly fee, you could have your website kept up to date which will not only give you piece of mind everything is secure and functioning correctly, but it will save you money in the long run.
Updates should be carried out fairly regularly to ensure the front door to your business remains open and inviting to potential clients. Let HBS look after this for you so that you can focus on what you do best! Happy to have a chat if you wish to discuss your options.
As always, if you have questions, please do get in touch.