Free Consult.....LET'S GET CRACKIN'!

Keeping WordPress Updated and Secure in Minutes, Even if You Aren’t a “Techie”.

Web Design

dashboard updates

So you got yourself a fancy new WordPress website. It’s sooooo easy to use! You love it. You are blogging every week, keeping your products updated, selling through your site or using your site as a more in-depth brochure of your services. All the while you are posting your efforts to social media outlets, seeing the hits go up in your Google Analytics dashboard and the phone is ringing more! This is great!

But wait a minute, there are some numbers next to “Updates” on your WordPress dashboard. You seem to remember your developer saying something about keeping WordPress updated. Oh well, all is working fine right now and you are kind of scared to click “update” on those 4 plugins…and wait a minute, the theme too? Then the next thing you know it says the WordPress CMS is out of date!

Never fear! Applying updates isn’t rocket science, but there are best practices that minimize any possible problems. So before you click update on everything at once, keep reading for the how to.

WordPress powers 28% of the internet.

At least that’s the figure quoted at Wordcamp recently. WordPress is one of the most popular formats for building a website. This means there are oodles of plugins, 3rd party integrations, functionality and versatility available. These are some of the biggest upsides of WordPress, but there are many others including ease of use for the not so digital savvy website owner, affordability, scalability, mobile readiness, multiple users, the list goes on and on.

WordPress is one of the best platforms for building websites. It has incredible SEO (search engine optimization) power – even for the little guy. By installing a simple SEO plugin on your site, you can stack the search engine odds in your favor of being found on the WWW without hiring an SEO expert. If you are a small business, this is a great and affordable convenience.

The other side of the popularity coin in the digital world is there are more opportunities for it to be hacked because WordPress is so widely used. To keep ahead of the hackers, as well as improve Wordpress functionality, the WordPress CMS is always being improved through updates. Like any digital system software, updates need to be kept up with in order for the whole website ecosystem to function properly. Even if a hacker doesn’t get in, keeping WordPress updated through applying the current theme, plugins and WordPress core versions ensures all are playing well together. Think of it like your car; you have to put oil and gas in it as well as perform regular maintenance or it just won’t run well. Plus you should keep it locked (yes even in your driveway) or it might just get rifled through or stolen.

So what if I get hacked? Why would a hacker target me?

Those are great questions! Well, hackers aren’t usually targeting anyone or any kind of business specifically. Hackers set up programs (bots, short for robots) to scour the interwebs and find vulnerabilities. Once in your site they can wreak all manner of havoc from causing the site to go down, injecting malware, reroute to another site, steal private information and many other things.

What are the odds I can get hacked you ask?

Actually the odds are pretty good according to Sucuri’s Website Hacked Trend Report. Sucuri is a premier internet security expert company. I have sites get pounded by bots all the time. Luckily I take good security precautions (including using a secure hosting platform, a pro version security plugin and keeping my sites software up to date) and no one has gotten in….yet! Fingers crossed!

So keeping WordPress updated by regularly applying the updates to your plugins, themes and WordPress CMS will help to keep your site secure and performing well. This will go far to ensure you are protected, but is only part of the battle in security. Your hosting server’s’ security is important too (but that’s a topic for another day). Suffice to say if you are on shared hosting, you open yourself up to being vulnerable from the server’s side. You get what you pay for. Shared hosting is cheap hosting, so you take your chances.

If you do get hacked, the minimal cost is whatever you have to pay a developer to restore your site (IF you had a backup) and downtime for your site (which translates into a loss of business through sales, awareness, and referrals loss). Bigger losses could be private data loss (yours or your customer’s) or code could be injected in your site in order to infect any computer that accesses your site.

But what IS regularly?

The best idea is to apply updates when they are available. There will most likely be updates available weekly. I update all the websites that I support weekly and there are always multiple updates available at that time. It is easier to troubleshoot an update conflict if you do your updates more regularly. If your site is mostly a brochure for you without viewer inputs (no one sending private information through your site), you could probably get away with once a month updates (or in some cases quarterly). Some plugins can be set to update on their own as well.

Wait a minute. Conflicts?

Conflicts are when your software doesn’t play well together. Maybe there was a major update for one of your plugins and the bugs haven’t been worked out. If that happens, you will need to turn off the plugins and turn them on one by one to see which is causing the problem. This doesn’t happen a ton, but it does happen. See below for good ways to minimize this headache.

How to perform WordPress updates:

STEP 1 – BACKUP – Always run a FULL backup before updating.

STEP 2 – DOWNLOAD THE BACKUP to your computer.

STEP 3 – UPDATE SOFTWARE – in this order!

  1. WordPress CMS – do not leave the page or close the window while updating.
    • Clear your cache then check the front end of the site after the update finishes for any inconsistencies.*
  2. Plugins – it’s good to do them individually or at least in groups as below – do not leave the page or close the window while updating.
    • FIRST – backend plugins (the ones that you only use on the back of your site like security, backups, performance and SEO).
    • Clear your cache then check the front end of the site after the update finishes for any inconsistencies.*
    • NEXT – frontend plugins next (like widget, forms or gallery plugins etc..that enable functions on the front end of the site).
    • Clear your cache then check the front end of the site after the update finishes for any inconsistencies.*
  3. Themes  – do not leave the page or close the window while it is updating.
    • Clear your cache then check the front end of the site after the update finishes for any inconsistencies.*

*Checking the front end of the site enables you to see if there are any conflicts. If there is a conflict, you may be able to systematically turn off each plugin and see which is the problem. Be sure to clear your cache before you check, sometimes it may look wonky if you don’t.

To minimize software conflicts and bugs, only update to versions of software that are incremental. If there is software that is version X.0 that is a major update, wait a few weeks until the bugs get fixed and .1 comes out. Major software releases are not usually security releases. They are usually formatting and functionality improvements. The minor versions typically have security fixes and improvements in them. So play it safe and wait for the minor releases.

Wrap Up:

Hopefully you are now more confident in how to perform those updates.

WordPress is awesome, popular, and vulnerable as a result, unless you are taking precautions and keeping WordPress updated. Those digital bots are busy, and hacking happens all the time. Remember they aren’t after you specifically. They are looking for vulnerabilities in the internet.

Be sure to always RUN A BACKUP FIRST and check the front end of the site between applying updates. Conflicts can happen.

Look at the version of the software needing the update and bypass the major updates temporarily.

Use good security practices and backup your data regularly (offsite). I recommend iThemes Security and Backup Buddy.

Enjoy WordPress!….and if you don’t want to deal with any of this, call me! Fresh Eggs offers various support options to our clients.

Holly Neumann

Holly Neumann

Web Designer, Marketing Consultant

Before starting Fresh Eggs, Holly Neumann ran RepGirl, Inc, a boutique photography agency in the South with a talented group of photographers shooting for the advertising industry, for 19 years. Her regular client list included Delta, Aflac, Publix and Dixie among others. With her love of Wordpress and a marketing, design and photography background she started Fresh Eggs in 2016. She's knows what it takes to make a small business be memorable when it comes to websites and marketing.


Let's talk about YOUR business!

Schedule Your FREE Consult. I want to help you succeed!

Don't go yet!

Not ready yet for your free 30min consult? Let's stay in touch through the Chicken-or-Egg Newsletter.


You have Successfully Subscribed!

Pin It on Pinterest

Share This