I’ve built in excess of 500 WordPress websites and the number one problem I see after I turn the sites over to the owners is that they don’t keep WordPress sites updated. Despite the fact that I show them how to do these updates, supply them with this blog post for reference, and tell them the consequences of NOT updating…still, they don’t keep their sites up to date.
If a vulnerability is discovered in WordPress and a new version is released to address the issue, the information required to exploit the vulnerability is almost certainly in the public domain. This makes old versions more open to attack, and is one of the primary reasons you should always keep WordPress up to date.
The latest version of WordPress is always available from the main WordPress website at http://wordpress.org. Official releases are not available from other sites — never download or install WordPress from any website other than http://wordpress.org.
Keeping Your Site Updated Is Totally Doable
WordPress now has a handy updates page that shows you all of the updates available for the site, whether it’s WordPress, itself, or one of your plugins or themes. Just log in and at the top of the Dashboard menu, look at Updates. If you see a number there like you do in this picture, you’ve got updates available.
Just click on the word ‘Updates’ and you’ll be taken to the updates page. Check the boxes for the pieces you want to update (I recommend doing plugins first, then themes, then WordPress, itself, if you have all 3 kinds of updates to do.)
Here is an example of an update page:
I’ve outlined where the three main parts (WordPress itself, plugins and themes) show up. As you can see, there is one plugin in this site that needs to be updated. Everything else is up to date.
What If Something Goes Wrong? What Then?
On the odd occasion, something will go wrong. Rarely is this ever fatal to your site, but ALWAYS make a backup of your site before doing updates. Better safe, than sorry. And if something does go wrong, it’s usually an easy fix – like logging in via FTP and deleting the offending plugin, or updating WordPress manually.
If you’ve made changes to your theme (in the code, not in a theme options panel), then updating your theme will blow away the changes you’ve made. If it was you who made those changes, you a) should have created a child theme and made your changes there to prevent this from happening, but b) can now make a child theme and make your changes in it, and next time you need to update the theme, your customizations will be preserved.
If someone else made changes to your theme for you and didn’t do so using a child theme (or you’re not sure how those changes were made), it’s best to contact the developer before updating your theme. If you need assistance and your developer is unavailable, contact us. We can and will help.
We Can Keep WordPress Sites Updated For You
If all this talk of updating gives you the heebie-jeebies just thinking about it, then maybe our WP Anti-Hack Plan is the ticket for you. You get way more than just updates with it, and best of all, the piece of mind of knowing your site is being well cared for. Something to consider…
Whether you do it or we do it, SOMEONE needs to do it. And stay on top of it as it really IS your best line of defense against hackers and other problems.
Have I made my point? Keep WordPress sites updated! 🙂