How to Approach WordPress Updates
Software developers love to update software. Once an initial set of code has been released the developer either needs a new project and/or sets out to make improvements.
Table of Contents
Why Updates Matter
In the online world, updates are valuable as they serve two key purposes.
First, updates bring new features. Version 1 of anything is rarely very good and never as good as version 2. Who doesn't want stuff to be more awesome?
Second, updates are made to close potential security gaps. Developers are in a constant game of chess with hackers in which the hacker attempts to find vulnerabilities in the code and the developer tries to close those vulnerabilities before too much damage can be done.
The Inherent Risk of Updating WordPress Stuff
With that said there is a huge danger because updating WordPress plugins occasionally can cause havoc if a combination of plugins has a compatibility issue they didn't have previously. Version 2 of your theme along with Version 1 of Plugin A and Version 3.2 of Plugin B may live in harmony together but updating any of them might disrupt the harmony.
When this happens the site owner seeks to find a 3rd party solution to force harmony or has to replace the offending plugin with a competing piece of software that is more compatible.
To minimize these issues and to make the troubleshooting as painless as possible follow these recommendations when running WordPress updates.
How To Strategically Update WordPress Plugins and Themes
1: Backup All Plugins That Need Updating
I just create a new folder on my computer and using an FTP program like Filezilla I connect to my site and download each plugin folder that has an update available.
Once I have all those plugins downloaded (backed up) to my local machine I proceed. After I'm done with updates I zip these “backup” folders and save them to some sort of cloud storage. If something comes up down the road I have archived versions of these plugins or themes.
2: If Possible Setup a Staging Site for Testing
The ideal method for testing and running updates is to do so on a staging website. A staging website is a duplicate of your website that you can run tests on without risk of breaking or messing up the live site.
Many website hosts now make it very easy to create a mirror copy of your site on a staging server and then when happy with the changes push the staging site back to live to implement those changes.
This could add cost and expense to your hosting plan. Also, if your website is massive or huge you may find the WebHost is unable to create an effective mirror copy of your site for staging (ask me how I know). If you are unable to set up a staging site you can still continue below with my recommended steps but obviously, your risk is much higher, and following these steps will be even more important.
3: Update 1 Plugin At A Time (Or as few as you can stomach)
When you have the backup ready and have explored the option of running updates on a staging site first; you are ready to actually start updating the plugins etc.
Updating only 1 plugin at a time is ideal as it allows you to check the site to see if that update caused any issues. When I run updates, I'm often running 30-50 of them over the course of a few days. In those circumstances doing one at a time isn't realistic. The time it takes to update 1 plugin and then effectively check the site and monitor it for issues would just take too long.
If you find your situation is similar you might update plugins in batches of 3-4 at a time or whatever the number is that makes sense to you. The point is to not run a massive number all at once as it will make your troubleshooting in the case of some sort of issue much more difficult.
The point is to allow some sort of time between updates to monitor the site for issues and run through your verification checklist (more on that below). The more traffic your site gets the more likely you are to be alerted by site visitors quickly when an issue arises. Adjust the schedule to fit your needs.
4: Keep A Changelog for the site
A changelog is just a documented list of changes you make to the site along with any relevant details and the date/times. A changelog may not be super necessary on small sites with very infrequent changes or very few plugins installed.
On larger more complex sites I maintain a changelog. This has saved my bacon many times. Perhaps I run some updates and the site appears fine but a few weeks later I notice (or more likely a customer points out) a problem. Often I'm able to trace the issue back to a specific date. First thing I do? Check the changelog.
If on that date I made changes. Updated something, installed something, removed something, that becomes the most obvious culprit to the issue and makes troubleshooting much easier.
5: Choose An Optimal Time To Run Updates
Running updates carries inherent risk. If you run them directly on the live site (see #2 above) then any given update could break the site. Furthermore, every time you run an update the site is unavailable to users for a minute or two when that update is being run.
For those reasons, it doesn't make sense to run updates during your highest peak traffic times.
On the flip side, some issues best manifest themselves when there is some traffic to the site. Also, if there is an issue, do you have the expertise to fix it yourself or are you dependent on a developer or contractor or 3rd party? For these reasons, I prefer not to run updates during the middle of the night. Some traffic is desirable and I want to run updates when I can get ahold of developers I work with should there be a problem.
In my case, this tends to make late weeknight evenings my best time to run updates.
6: Build a Test & Verification Checklist
After you run an update you will want to do some checking to make sure the site is still fully functional. If the plugin you updated impacts some specific page or function on your site you can obviously check that directly but that by itself is no guarantee that it didn't break some other less visible function on the site.
For that reason, depending on the complexity and importance of your website you might build a verification checklist. A series of things on the website to be checked or tested to ensure complete functionality. Running through that checklist after each update or batch of updates is a good practice so you discover errors right away instead of days or weeks later.
A Few Other Important Notes
Up to this point, I've focused on updating plugins and themes. Updating WordPress Core is a slightly different animal. First, backing it up is more challenging. You can certainly back up files via FTP (basically every file that isn't a plugin or theme) but that won't back up the database where all the site information is stored. I suggest contacting your host to ask the best way to back up the entire site including the database before you update WordPress core.
What if something does happen? If you do experience and issue how do you troubleshoot? Perhaps I'll cover this more thoroughly in a future article but here is a short list of ideas.
- Identify the culprit. If you just ran an update(s) and there is some sort of issue, that issue is probably correlated with whatever you just updated. Test this theory by removing that plugin completely or by uploading the backed-up version of the plugin, or by renaming the plugin folder on the server via FTP. If that solves the problem you found your culprit. If that doesn't solve your problem you have a bigger issue.
- You now need to take some drastic measures. You can first rename the plugin folder on the server. Change it from “plugins” to “plugins-off” and that will temporarily make your site act as if there were no plugins installed. If this fixed your issue you now know it is a plugin causing the problem. You are going to have to go back to step 1 above and repeat it in some systematic way one plugin at a time until you find the culprit.
- If disabling all the plugins (and/or themes) didn't solve your problem you have a serious problem. Something with your database or WordPress core. You might try reinstalling WordPress and if that doesn't do it you need a higher level of professional support. If you have a full site backup with the WebHost this is the try to restore the backup.
- Once you find your culprit you can keep your backed-up version of the plugin live for now and contact the plugin developer to see if they can address the issue in the next update. Or you can find an alternative plugin to accomplish the job/task desired.