What are the best practices for updating?

Don’t want to do anything to take down my blog. Here are some upgrade-related questions:

  1. How often should WordPress be updated?
  2. What is the best way to do it?
  3. How to know if there is a problem with plugins? When a new version of WordPress comes out, we have no way of knowing if there is a problem with existing plugins.
  4. When should plugins be updated? At the same time as WordPress?
  5. Is there a test suite that is run before releasing Worddpress? Does it include plugins?

Related posts

Leave a Reply

6 comments

  1. Do not just upgrade immediately. Take the time you need for an informed decision. And make a backup, of course. 🙂

    1. Read the changelog for the new version. Example for 3.4.1. The blog announcements and the Codex pages are not complete.

    2. Test the upgrade with an exact copy of your production site, including plugins and themes.

      • Add, change and delete an user, a post, a term (tag, category).
      • Log out, log in, test all active user roles.
      • Test all custom JavaScripts. jQuery for example was added once so late in the pre-release process that plugin authors could not adjust their code in time.
    3. If you are not a developer and it is not a minor release (where just the third number changes) wait some days, look for the trouble-shooting thread in the wordpress.org forums. Example for 3.4. Minor security updates are usually safe.

    4. If you use the web interface to upgrade or SSH/FTP doesn’t really matter anymore.

    5. Plugin compatibility has to be tested. There is no other way to know how they play together.

  2. 1. How often should WordPress be updated?

    As often as there are security updates. So, yes, when there’s an update for WordPress, you should take a look at the changelog if you are not planning to go with the update.

    2. What is the best way to do it?

    A. Backup your database. B. Then, if it’s a security update, you just NEED to go with the update process, no matter what. C. If it’s NOT a security update, I’d check the compatibility of the plugins I use with the latest version of WP. For instance:

    Example

    3. How to know if there is a problem with plugins? When a new version of WordPress comes out, we have no way of knowing if there is a problem with existing plugins.

    You can never be sure. I’ve read that, in it’s history, WordPress has never removed depreciated functions altogether (but that does not mean, you are all set), so you are probably safe until the plugin author fixes it. (Point (2) also applies here.)

    4. When should plugins be updated? At the same time as WordPress?

    Same as point (1). If it’s a security fix, just update. If not, update if you need the new features or fixes (again, look at the changelog for the plugin).

    5. Is there a test suite that is run before releasing WordPress? Does it include plugins?

    All stable releases of WordPress are very well tested before release. But are not tested against plugins. It’s for the plugins to keep up with WordPress, not vice-versa 🙂

  3. These are my opinions and i always trying to follow it to the most:

    1. As fast there is an update available, Update!.
    2. Backup the database, i always have a copy of the site on my local machine that i test the updates on. If it works well i update the live one. But again, Backup!
    3. Enable wp_debug in wp-config.php to see if there are some deprecated functions or other errors.
    4. Not if there is no conflict with with the new release of WordPress.
    5. You can alway test with the nightly version of WordPress before public release
  4. isnt’ it good practise to never be current with latest build, but rather one release behind, that way the plugins are more likely to be compatible (it takes time for developers to catch up with the latest WP builds)? This has been my practise, to minimize compatibility (with plugins) issues which is where 90% of your site issues will reside.

    If you just go to the plugin page, and you go to your plugin of choice, select the latest build, and invariably (particularly the small single man shops) there will not be enough data to determine compatibility (however, you’ll often see 100% compatible – by author, to older WP builds). You tell me which you’d go with.

    And always backup. I use updraft plus. It’s the best I’ve seen. I can automate your backup on a schedule you set, and can upload to the cloud (amazon, google etc..). Set it and forget it.

  5. How often should WordPress be updated?

    WP should always be kept up to date. You should update it as soon as possible after an update is released.

    What is the best way to do it?

    Always have a current backup – and know how to restore it if you have to (or have someone handy who can).

    Do you make an income from the site? If so, you can set up an exact duplicate of your site (as previously mentioned) and test the updates there first. If you’re making an income from the site, it’s worthwhile to hire a developer to maintain your site, and go through all these hoops for you. Or, you can try using a WP host that does upgrades and automatic backups for you (as long as you’re aware that hosting companies normally don’t actually look at your site to make sure it’s not broken).

    If you’re not making an income from the site, you can make a list of all the plugins you use (and what they’re for), and all the functionality that your site needs to have to not ‘break’. You should use as few plugins as possible, and delete any that you don’t need.

    You can either click on the Update button, or set up WP 3.8+ to update itself automatically (with options of major updates only, or including minor updates and/or plugins). If you use any automated system, make sure you periodically check your site hasn’t lost any functionality (see below). It also helps if you have widget in your sidebar or footer that asks your visitors to report any ‘bugs’ they find to you.

    How to know if there is a problem with plugins? When should plugins be updated? At the same time as WordPress?

    After making sure you have a backup), update WordPress, then update your plugins. Go through your list and check that all your plugins are still working as expected. Is your contact form still working, for instance? Are your shortcodes still working? Are you getting any error messages? If something looks wrong or broken, go to the plugin developer’s page and check the support forum. If nobody else seems to have the same issue, do some troubleshooting on your site. Does the plugin work if all other plugins are deactivated? What if you switch themes? Submit a support ticket if necessary. Be prepared to find another plugin to replace the one that ‘broke’.

    Is there a test suite that is run before releasing Worddpress? Does it include plugins?

    I’m not sure what you mean, other than setting up your own ‘clone’ of your site for you to do a ‘practice run’ of an update on.

  6. I know this is mentioned in other answers, but I just wanted to give across what I feel is the single most important reason for updating for people who may overlook this – security.

    I realise most of us here understand security, but occasionally there are users who may not understand the importance of updating.

    If any release addresses security vulnerabilities, chances are that hackers will try and exploit these to access a website using an older version or WordPress or a plugin, script, etc. It happened to me once using the openx ad server.

    Just look at what happened with Snap Chat this week – Gibson Security warned of vulnerabilities and hackers exploited them affecting 4M accounts.

    Updates generally address bugs or new features and you need to review these individually before you can make an informed decision whether to update or not.

    HTH