How WordPress updates help secure your site

Updates are easy enough to ignore unless that little number at the top of your dashboard drives you batty. But ignoring them leaves your site at risk for being hacked. It’s not that I want you obsessively checking for pending updates, because that would be crazy-making. I’d rather have you set up a maintenance schedule to follow once you know the whys + hows first.

What do updates do, exactly?

Whenever your site has a pending update, that means that the theme creator, plugin developer or team at WordPress have released a newer version for you to use.

Those updates don’t always have to do with fixing a security issue.
However, there are many times when the update does, in fact, fix a security weakness that exists currently on your site — and that’s why you want to run your site updates.

Beyond fixing security issues, updates oftentimes provide a new feature or improvement that you’ll benefit from. Whether that’s a faster plugin leading to faster load times on your site, a new tool for styling your blog post content to make it more readable for your audience or the ability to sync with your favorite social media platform.

Rarely are site updates a bad thing. And when they are, it’s because the update release was rushed and a better version is around the corner.

When should updates be done?

I don’t love telling folks what they “should” do, but I have found that a monthly maintenance cycle works really well for most clients.

If you have a large amount of plugins, a biweekly schedule may be better so that you aren’t updating so many things at once. And if you have a small handful of plugins (less than 5), you can get away with running updates every 6-8 weeks instead.

What matters most is setting a schedule + sticking with it.

While running updates as soon as you see them can be a great plan of attack, it also leaves you vulnerable to those rushed updates that I mentioned in the last section.

By letting other folks run their updates immediately + find the bugs, you give the developers time to fix those bugs + release an update that is free of them.

How do you update your site?

Updating your WordPress site does not have to be daunting at all! If you develop your system or process, you can simply follow that every time maintenance day rolls around on your calendar.

I recommend following these steps when updating any WordPress site:

  1. Run a backup
  2. Research the updates
  3. Run the updates (in batches of 6 or less)
    I use the order of themes, plugins, WordPress
  4. Check your site for issues
  5. Address any issues
  6. Run a new backup

If you need a breakdown of those steps, read this post about how to run them without taking down your site.

on your keyboard hit enter to search or esc to close