Just moved from Blogger to Wordpress and now I am apparently responsible for keeping all my themes, plugins and Wordpress itself updated. What’s the easiest way to do that?
Congrats on the jump from Blogger, for sure, but you’re right, now that you are running a WordPress blog (or any site with WordPress as the content management system — or CMS — underneath) you do need to ensure that all the moving parts are continually updated. Fortunately the latest generation of WordPress makes it pretty easy with the contributor toolbar that shows up on the top of the site if you’re logged in already.
Still, I recommend that you get into the habit of checking for updates every 2-3 days, which can be quite a change from “ignore the issue, someone else has you covered” as you find on Blogger or other hosted solutions. If it’s too much, you might have made a dangerous move because once an exploit is known and fixed, that means nefarious hacker types are then busily looking for blogs that haven’t updated yet so they can be circumvented for their nefarious needs. In other words: keep up to date to ensure the security of your site!
Fortunately as I said, it’s not a particularly onerous task.
For example, on my Intuitive Business Blog, here’s what I saw along the top when I checked the site this morning:
In this instance you can see that there are three updates available — the “3” adjacent to what looks like a double-recycle-arrow logo — and that there are also three comments needing to be moderated (they’re likely spam, alas. Akismet definitely helps, but spammy comments still sneak through).
The fast way to update the plugins or whatever else is now out of date is to click directly on the recycle icon. This brings you to the Updates page, which is broken down into three sections: WordPress itself, your plugins and your themes.
From the top, here’s what I saw:
Good. WordPress itself is updated. A bit lower down, however…
As is almost always the case, these updates are tiny incremental fixes that probably are bug fixes and security tweaks. Super important, even if I go from 1.2.2 to 1.2.3.
On the bottom of the Updates page, it also shows the status of my themes:
Moving back to the middle of the page, click on the checkbox adjacent to “Select All”.
Now click on “Update Plugins” and, with no further intervention, everything zips along and…
That’s it. All three plugins were updated with just a couple of mouse clicks.
Oh, and in case you aren’t seeing that handy toolbar along the top, simply log in to the administrative backend of your WordPress system and look for “Updates” off the “Dashboard” menu:
That’s it. You now have no excuse for running out-of-date plugins, themes or versions of WordPress. You’ll thank me for the added security.
Can you tell me why a developer would not update a clients WP site to the latest version? I’m working with a client and noticed she has an outdated version of WP. There is a link which says update to 3.9.1. So why is the developer not updating it? It’s free right, and takes no time at all. I don’t get it. Why would you not update ??
The problem with WordPress updates, Tom, is the problem with all open source software: too many updates, too often. I think people are intimidated by the ceaseless daily updates to plug-ins, themes and WP itself, plus they’ve heard that there could always be compatibility problems that crop up. Logical response? Drag your heels on the updates.
[…] That’s it. You now have no excuse for running out-of-date plugins, themes or versions of WordPress. You’ll thank me for the added security. Comments […]
[…] That’s it. You now have no excuse for running out-of-date plugins, themes or versions of WordPress. You’ll thank me for the added security. Comments […]
Thanks very much for this, Dave.
I already have the Better WP Security plugin for my WordPress blog. Can I also install Wordfence? Or will that create a conflict — or maybe it’s overkill?
Not sure if they step on each other, but you can try it and see. Or ask the authors if they’re aware of each other’s tool and why their plugin is better? 🙂
The free version of the WordPress security plugin ‘Wordfence Security’ will email you when plugins need updated. Makes it very easy to know when updates are needed.
“Wordfence Security sends security alerts via email. Once you install Wordfence Security, you will configure a list of email addresses where security alerts will be sent. When you receive a security alert, make sure you deal with it promptly to ensure your site stays secure.”
https://wordpress.org/plugins/wordfence/faq/
I am a big fan of Wordfence and run it on all my sites, Vince. Good tip!