Select Page

Update plugins? Why?

Improve Security, Reduce Vulnerability, Enhance Performance

In thirty years (yikes!) of working with software of all kinds, I have yet to find a piece of code that does not require a “fix” of some description when it is put in to use in the real world. WordPress®, and the platforms that it runs on, are no different.

Why are there so many new releases?

Software is constantly changing. The only constant is change. Users find problems when using the product in live environments in situations that did not arise in test. Vulnerabilities come to light over time. Developers think of enhancements that provide better functionality and therefore improve how your website performs.

When the developer makes a change for whatever reason, they release a new version which can be applied to existing installations (subject to licence). Depending on circumstances some new releases may need to be more urgently applied than others. For example, where a serious security risk is identified and a fix for that specific issue is released.

 

WordPress is used by 43.2% of all websites on the internet, an average increase of 12% per year since 2011

The official WordPress plugin directory currently features 59,825 free plugins and over 31,000 WordPress themes in total, including premium options.

Source: blog.hubspot.com

Why do new releases matter to my website? It’s working fine!

It is advisable to keep your website updated with the latest versions available. Outdated software can be a security risk for your business. Criminals can take advantage of the vulnerabilities identified in older versions to abuse your website in some way, resulting in damage to your reputation, damage to your business or worse.

Approximately 90% of WordPress vulnerabilities are plugin vulnerabilities.

6% are theme vulnerabilities.

  4% are core software vulnerabilities.

Source: blog.hubspot.com

So I can just hit the update button and it will be fine?

You can take that approach for some aspects yes, but it is not at all advisable. While you might “get away” with it in some cases, it is not always that simple. Updating software can cause conflict with other software used by the website and subsequently prevent the website from working properly after updating.

There are also layers of software to consider with a website built using WordPress®. If we start with the foundations that reside on the server….there is the version of php in use, the version of MySQL which houses the database of information about your WordPress® configuration, then there is WordPress® itself, the theme which provides the front-end layout  on the website and finally the extra functionality provided through little pieces of code called plugins.

Access

What you have access to change or update on your website or server very much depends on how and where your WordPress® website is hosted and any agreements you have in place with your hosting service provider.

Testing

Having a “staging environment”, somewhere to keep a copy of the website in order to test new features, new versions and compatibility. It is recommended for testing purposes before applying changes in a live environment.

Backup & Recovery

It is highly recommended that a backup of your website exists before any updates are applied. If something does go wrong, a backup can at least get you back to where you were before the update was applied. Without a backup, at best there is a repair cost to your business to fix the damage done to the website. At worst it could involve a complete rebuild of your website. Plus, the website is unavailable while the repair/rebuild is ongoing. The impact of this depends on how much your business depends on your website.

Timing

The timing of when updates are applied can also affect your website as the site will go into “maintenance mode” while a new release is applied and will be unavailable to users. This is not ideal at times when the traffic to your website is at its highest. 

What if I don’t have the time or expertise to manage updates on my website?

Try our Digital Care Plan for WordPress® websites.

Each of our Digital Care Plans contain backup options and each update is checked to ensure there are no issues with compatibility on your website. Your website is also reviewed after updates are applied to ensure it remains working as expected from the frontend where customers are viewing it. Updating happens seamlessly at an appropriate time, keeping your website online and active 24/7/365.