Keeping WordPress websites up-to-date is essential to ensure your site remains secure, performs well and is accessible across all devices. It can be quite time consuming but is the most important aspect of website maintenance. The plugins and themes developed by the global WordPress community are released on a regular basis - it is not unusual for WordPress websites to see several updates every week. Some of these updates contain security fixes while some introduce new features, improve performance or fix bugs present in the installed version.
The cost of ignoring updates that contain security fixes can be substantial. Hackers and Spammers are constantly probing websites for vulnerabilities and outdated software will offer an easy way in. A hacked site could lead to all sorts of problems including:
Leak of private user data
Loss of Search Engine Rankings
Loss of Revenue
Malware warnings on your website
Unauthorized charges on customer credit cards
Expense of ridding an infected site of malware
WordPress updates also ensure that active WordPress plugins and themes remain compatible with WordPress itself and with updates to the active theme and plugins. Unfortunately, updates also introduce the risk of disruption due to bugs in the new version or conflicts with other installed software that can lead to errors showing on the site, inability to access the WordPress dashboard or a complete website crash.
To ensure the websites we host enjoy the benefits of up-to-date software without the risks, we use a WordPress update process that we've developed and refined over the last 15 years. For sites with Advanced Functionality or Custom Coding, we also offer optional "Staged Updates. Available as an Addon to all Hosting Plans, when performing updates we clone the website and test the update on the clone without affecting the production website. We assess any issues, identify changes, and decide if the update should be performed on the production website.
Changelogs are reviewed throughout the week as new versions are released, making note of special update instructions from the developer.
We monitor support forums, twitter lists and slack channels to monitor for increases in support requests that may indicate an issue with the update
Updates are first made to our test, development and staging websites that are not publicly available and monitored for errors and issues.
We install the available updates to WordPress core, plugins and themes, once every week, when traffic to the website is lowest, which is usually on weekends.
Sites are automatically and manually reviewed to verify there are no errors or visual changes. If there is an issue with the update, we investigate and attempt to address it, making any changes to settings as required.
The weekly report that goes out to clients each week contains a list of all updates done to the site.