Clients often ask what is the next thing they should do once their site is complete and live online. And my answer is always the same – have a maintenance schedule that runs the updates for the core, theme and your plugins.
Because updating is designed to do three things:
- Increase security and apply patches
- Fix bugs in the software
- Add functionality and features
We often forget that WordPress is a software program and software needs to be updated just like the operating system on your computer or applications like Word, Page, and many others.
Most developers have a changelog that tells you what changes have been made to each version of the update. WordPress core does a good job keeping the users apprised of their changes. WordPress.org gives a running list of all versions with a link to more details of each one.
You can find the release notes in the update information in the updates are of the dashboard or in the plugins section. Both have a clickable link that leads you to the changelog so you can see what is being updated in the version available.
But why update WordPress and your theme and plugins?
Increase Security and Apply Patches
According to WPBeginner, 86% of all sites hacked are due to outdated plugins, themes, and WordPress
It makes sense that security updates are part of the WordPress software because who wants to have anything on their site that would lead to hacks and problems?
To reduce a site from being compromised, security patches address vulnerabilities that strengthen against attacks. Hackers watch for release notes of this software looking for ways to exploit outdated core, theme and plugin files. Which is why it's important to update as soon as possible with these releases.
Because you have a smaller site doesn't mean that hackers are interested in you. The truth is every site running WordPress is a target. It's not because WordPress isn't secure or a “less than” framework, it's because with WordPress powers 33.6% of all websites.
Hackers aren't interested in how much traffic you have or how many sales your site makes, they want your host resources to send out spam and redirect to less than stellar pages.
ACTION: If you haven't updated in a while, contact us to help you get up-to-date or create a staging site and run the updates there first to make sure nothing breaks on your website.
Bugs are glitches in the software and many times are a small annoyance but others can affect the functionality or feature of the software. Usually, bugs are discovered in previous versions and the fixes are designed to well, fix them.
Sometimes the bug fixes affect security so while we are breaking it into two categories, they can often overlap. These bug fixes can also affect speed because the new releases come with improvements which could be due to performance issues.
Add Functionality and Features
My favorite reason to run updates is the addition of new features and functionality. Most times the features are hardly noticeable but other times it makes you workflow change (in a good way) to address usability issues or missing features.
Take WordPress for example. WordPress 5.0 aka Gutenberg came out with a limited number of features because it was a huge undertaking to redesign the core to add the blocks. Phase 1 was about the new block editor while phase 2 will focus on the content areas.
WordPress makes it pretty easy to run the updates but people are still reluctant because they are afraid to break the site. That's why it's important to have a current backup and if your host provides, a staging site.
Here's a short process list that you can easily follow:
- Read the release notes so you can see what has changed.
- Create a backup of your site.
- Install the updates either in bulk in the update area or individually in the theme and plugin area.
- Review your site and be sure everything looks good.
Still not convinced this is a task for you to perform? Leave the updates to the experts. Let us take care of keeping your site up-to-date so that you can be running at optimal health and keep hackers at bay.