Installing WordPress Plugins is not a do once activity. They need to be updated for security, performance and functionality reasons.

Why do I need to update my plugins?

I have my plugins installed, they are doing what I what to do. I don’t need to update them do I, right?

Wrong

WP GDPR Compliance is a plugin to help you to make your website GDPR compliant. A bug was identified in all versions up to and including 1.4.2. This meant that hackers could gain Administrator rights to your WordPress website and therefore do untold damage. The vulnerability was reported on the WordFence website – https://www.wordfence.com/blog/2018/11/privilege-escalation-flaw-in-wp-gdpr-compliance-plugin-exploited-in-the-wild/. The bug was fixed in version 1.4.3.

As you can see from this example, it is important to keep on top of your plugins updates, if only for security reasons.

But there are other reasons to keep your plugins updated;

  • Performance
  • Enhanced Functionality
  • Improved Compatibility

We are not going to go into each one of those in detail, but as you can see there are plenty of reasons to keep your WordPress plugins updated.

How do I know when my site needs to be updated?

The good news is that WordPress will tell you when there are any updates to apply. The first indication is there will be a number against the Update icon on the Admin toolbar.

Admin toolbar showing one update to apply
Admin toolbar showing one update to apply

Alternatively, on the left hand menu, Updates will show how many updates there are to apply and against Plugins, you will see how many of them are Plugins.

9 Update to apply, 7 are Plugins
9 Update to apply,
7 are Plugins

Don’t just update without planning

Updating blindly isn’t without risk; there may be a bug in the release or compatibility issues.

As we have learnt from lots of pain, always backup before you do anything. At least that way, you have a position that you can restore from. Our favourite backup plugin is UpDraftPlus which has over 2 million installs. There are plenty of alternatives available to meet your backup needs.

Even better is to test before you update. In an ideal world, you should have a mirror copy of your live site. On this site, you can test any updates, making sure that there are no issues before applying the changes to the live site.

Each plugin will have its own Changelog, this enables you to understand the impact of the change and test the relevant functionality in the test system.

Changelog for Stackable - Gutenberg Blocks
Changelog for Stackable – Gutenberg Blocks

How do I update WordPress?

So after you have taken a backup, you can get on with updating. Against each plugin in the list will be an “Update Now” link. It is advisable to update each plugin individually rather than in bulk, so that if there is an issue, you only have one plugin to deal with.

Plugin entry showing "Update Now"
Plugin entry showing “Update Now”

When should I updated my plugins?

This depends on a number of factors. If you have lots of plugins, then you should be reviewing them monthly. It may not be necessary to update every month but at least you will know what work you will need to do. If you don’t have many plugins, then reviewing them every six months should be sufficient.

By using a security plugin such as WordFence, you can set it to report via email to you when there is a new version of a plugin available.

That all sounds too hard

If that all sounds to technical or is something that you don’t have the time to manage, then don’t worry – we have a solution for you.

Lens Digital offer a WordPress maintenance contract where, for a fixed monthly fee, we take care of managing your WordPress installation for you. For a free no-obligation chat, please do get in touch.

Categories: Blog

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *