If your business website or blog is run on WordPress, you will be familiar with the little red Updates circle at the top left of your dashboard. But do you keep your WordPress installation, plugins and themes up-to-date? If not, you are running the risk of your website being hacked or losing functionality.
WordPress is a fabulous content management system that is easy to use – and as a result is powering over 25% of the world’s websites. But its popularity and the fact that it is open-source (meaning anyone can see, modify and use the code that runs WordPress) makes it a prime target for hackers.
To combat this risk, the WordPress community releases regular updates to the software, and to the themes and plugins that are used on many websites. Sometimes the updates are designed to fix bugs, improve performance or to add new features, but often they are to address security risks and fix vulnerabilities. If you ignore these updates, your website is more vulnerable to attack – and can be found by hackers searching for websites running old, out of date versions of WordPress.
So if your website is self-hosted (i.e. it is not hosted on WordPress.com, but is hosted with a another web hosting company) it is important that you stay on top of the updates. These updates include the WordPress software itself, as well as the themes and plugins you have installed.
Some minor WordPress updates are performed automatically – however it is still important to check your website at least once a month to make sure there are no major updates or theme or plugin updates required.
Before You Update
Make sure you have a full backup of your website. This includes both the wordpress files and database. Check with your web developer to see how backups are being performed. In some cases a plugin such as BackupBuddy may have been installed. Make sure you are backing up regularly and that you have at least 3 backups of your website available in case something goes wrong with the update.
Performing The Update
On your Dashboard (once you have logged into your website), hover over Dashboard at the top left, and then go to Updates. If there are any outstanding updates to be applied you will see a small red circle with a number inside. The number refers to the number of updates required – including WordPress and your plugins and themes.
Click on Updates, and you will see a list of everything that needs updating. Perform the WordPress software update first. Then update the plugins and themes.
When you have finished performing the updates, check your website thoroughly and make sure all aspects of the site are working.
The Risks of Updating WordPress
There are some risks with updates – your theme and plugin may not have been updated to work with the new WordPress version, or customisation of your theme may be lost – however the risks of not updating are higher.
To combat these downsides of updates, you can double-check your plugins are compatible with the latest version of WordPress. To do that, visit the plugin website and check the compatibility (you can see the version number for the latest WordPress update with which the plugin is compatible. You can usually access the plugin website by going to the Plugins page on your dashboard, and clicking the links beside each plugin.)
Also, if you or your developer have added a lot of customisation to the theme you are using, you risk losing those customisations with the updates. For this reason, it is recommended that you use a Child Theme so any customisations are kept safe while updates are applied. Speak with your web developer about this issue if you have any concerns.
So don’t ignore the little red circle when you log into your website – or you run the risk of being vulnerable and attractive to hackers.
Action: If you log into the back end of your website regularly, always check your updates and make sure they are current. If you don’t log into your website often, schedule in your calendar to check for updates at least monthly.