What types of updates are there in WordPress?
WordPress is the most widely used content management system (CMS) on the web. It is one of the best-known and most actively maintained open-source applications. This means that updates are made regularly, sometimes in response to bugs or security flaws that may have escaped the keen eyes of the developers, but also of course to add or improve features.
That said, there are several different types of update:
The heart of WordPress
These updates concern the WordPress software itself. At the time of writing, we are at version 6.8. These updates are crucial and can bring their share of changes. It should be noted, however, that backward compatibility is a strong condition that is maintained over time, in order to ensure that the software works properly in general.
The theme
Every WordPress site has an active theme, the purpose of which is to define the style effects (although many architectural elements are generally also managed by it, giving it a hybrid role).
There are an infinite number of WordPress themes. Some are better maintained than others. This is a major security and maintainability risk, because developing a WordPress site with a poorly maintained theme is a guarantee that you will have to redesign it in the near future (or expose yourself to security and functionality flaws).
Plugins
These are features that are added to WordPress, depending on the needs of the site. As with the theme, it can happen that some plugins are less well maintained than others. The untimely and thoughtless installation of plugins is one of the major causes of WordPress site piracy (it is also the signature of many amateur sites).
Translations
This is the least sensitive part. The translation files must be updated when new contributions have been submitted. These updates do not pose any risk in terms of the operation of a WordPress site, but they can modify certain text elements in the administration interface and on the public website (front-end).
If you have manually modified translation files (for example, using Loco Translate for badly translated or incomplete plugins or themes), you must make sure that you have saved these new translations somewhere other than the original directory, otherwise all your changes will be overwritten during the update.
The real risks of ignoring updates
If your site isn’t maintained by a professional, there’s a good chance that you’ll let updates drag on. Simply because you forget to connect to your site’s administration interface regularly – which is understandable if you have a full-time professional activity to manage.
And when you finally log in, after 2 months away, you see that something new has happened during that time.
And then, inevitably, you hesitate. Because you know there’s a risk in updating your plugins, your theme, and maybe even WordPress itself. The slightest incompatibility could lead to certain features being broken, your pages being completely broken, or worse: your website becoming unavailable.
And you’d be right to hesitate, because incidents like this happen every day in the world of WordPress.
It is impossible to guarantee 100% that an update will not bring undesirable changes, especially if you have installed plugins, configured a custom theme for your site, etc.
Here are the unfortunate consequences if you continue to do nothing:
- Loss of performance: your site becomes slower, or even incompatible with certain browsers.
- Loss of functionality: certain features of your site no longer work properly, generate errors and affect the user experience. Some of your plugins no longer work with your old version of WordPress, for example, or with each other.
- Impact on referencing: slowness, technical problems and display issues lead the referencing bots to penalise some of your pages, causing you to lose visibility.
- Security risks: an unrepaired security flaw can lead to your site being hacked. You not only lose access to your site, but also your data, and that of your customers, if applicable.
- Difficulty of repair: a site that has not been updated for a long time is more complex to get back up and running, because several problems can arise that will have to be dealt with successively. What’s more, the online support you’ll find on forums won’t necessarily be able to help you if your site has plugins that are too old.
The risks if you update your site
Conversely, updating a site always involves a degree of risk. As I said above, this is one of the reasons why people hesitate to take the plunge: “since my site works well today, why risk breaking it by updating it?”
Except that the risk of leaving it as it is is far greater than the risk of installing patches.
There are many tools available for updating a site securely:
- full backup before operation, on a remote server.
- record versions of plugins, themes and versions of WordPress so that you can easily rollback them in the event of problems.
- a copy of the site in a staging environment where updates can be made without impacting the site in production
- automated and manual post-operational testing (visual and functional inspection)
- moving to the production site
How often should you update?
If you have followed this correctly, you will have understood that it is preferable to update your site quickly when a new version is published (core, plugins, theme).
General updates
Some providers carry out updates once a month. This is far too little.
A weekly (or even fortnightly) schedule seems more appropriate.
For my part, I update all the sites I maintain once or twice a week.
For security patches?
When a vulnerability is discovered, the development team quickly releases a patch (otherwise, your plugins are poorly maintained and you’d better find an alternative).
These patches must be installed as soon as possible.
At Ikacode, continuous monitoring and email alerts mean that these operations can be carried out in the hours following the announcement of such vulnerabilities.
Should updates be automatic?
It’s a big debate among WordPress professionals.
Some people automate all updates, which then occur shortly after they are made available in the official repository.
The logic is that it’s better to update ‘too early’ than too late.
I don’t share this approach.
If a customer entrusts me with the technical management of his or her site, I consider it normal to be able to guarantee that the site is working properly after each update phase.
I’ve already spoken to professionals who have no qualms about invoicing customers after automating the update process, without including a manual check, and charging extra for interventions in the event of malfunctions.
I therefore deactivate all automation, and manually update in line with good practice so that any corrections or repairs can be made immediately.
My recommendation for updating your WordPress site
In the case of a personal site, with no budget, I strongly encourage you to set up a regular backup policy, with a good web host, and to connect at least once or twice a month to make your updates. If all this is too much for you, activate automatic updates, especially if your site is fairly basic (in terms of plugins and functions).
In the case of a professional site, entrust the technical maintenance of your WordPress site to someone whose job it is. You’ll be guaranteed a functional site at all times, and you’ll save time so you can concentrate on your business.
A website that is no longer working properly does not necessarily trigger a visual alert, and you may not notice until several weeks later that a crucial element of your site has broken down due to a poor update of your site.
It’s a risk you can’t take for your business.
A WordPress site update service generally costs between a few dozen and a few hundred euros per month, depending on the size and complexity of the site. This is a very small sum for a company, for which a website is a central element of its marketing strategy.
At Ikacode, we offer an ultra-complete maintenance, hosting and monitoring service, with many advantages that you won’t find anywhere else, so if you’re looking for a serious service provider to take care of the technical side of your WordPress site, check out our offer!
