Updating WordPress website and plugins regularly is an essential security measure for your website. Outdated plugins make your site vulnerable to attacks and create an opportunity for hackers to break into your WordPress. With this in mind, the next time your site alerts you that there are plugins to update, you should move on. In this guide, we’ll point out the important role of updating your WordPress plugins and explain how to do it properly. Read on to master this security aspect of managing your website.
Table of Contents
Why should you keep updating WordPress Website plugins?
WordPress is a well-liked and user-friendly content management system. Open source means that anyone can inspect your code and customize it to their preferences, including hackers who do it for malicious purposes. Therefore, one of the three key things to think about when deciding whether to upgrade your WordPress plugins is making sure that your website is secure. Additionally, plugin updates promote better reliability and compatibility, as well as better overall WordPress performance.
When you’re busy creating content for your website and establishing your brand’s online presence, it’s simple to dismiss an update notification. However, skipping WordPress plugin updates exposes your website to risk. Outdated plugins are a common target for cybercriminals looking for a back door to your site. According to WPScan, out-of-date plugins cause more than 90% of known security breaches in WordPress.
Impact of Vulnerabilities by Component in WordPress
By gaining access to your WordPress, hackers can inject malware into your code, distorting the functionality of your entire site. This can start a downward spiral for your traffic, as visitors are unable to reach your site. Also, if search engines detect a related problem on your site, this can further damage your online reputation. In short, ignoring updates to your WordPress plugin can throw away all your efforts and your hard-earned ranking. Updates to plugins strengthen your website’s overall security by addressing security flaws. Therefore, you must diligently update plugins to secure your WordPress site.
Reliability and compatibility
Plugin errors are common, especially when a plugin is recently released or in a beta version. Unfortunately, an error can also occur with established plugins. These errors can be bugs or glitches in the plugin’s code, producing unexpected behavior that can negatively affect the functionality of your site. A faulty plugin can crash your website or make it inaccessible. The most recent versions of plugins typically include patches for issues that users have discovered and developers have recorded. The changelog, as seen in the picture below, keeps track of any bugs that have been fixed in new versions of the plugin.
Developers release updates to ensure the reliability of their plugins. Therefore, remember to update a plugin whenever a new version is published if you intend to continue using it. Also, WordPress core updates happen often and plugins need to be compatible to work properly. Plugin developers push new version updates that contain code improvements to meet new WordPress code and requirements. To make sure that your site functions properly, you should frequently install any updates that are available for WordPress.
enhanced WordPress functionality
Updates to plugins may come with new features or performance enhancements in addition to bug fixes. The plugin creators may have decided to refresh the design or implement new functionality to improve the user experience and efficiency. On top of that, good developers always strive to improve their code to optimize the performance of their products. Great plugins shouldn’t slow down the loading speed of your site. As a result, developers also promote script optimisations with updates to WordPress plugins. You must upgrade your WordPress plugins to the most recent version in order to benefit from these improvements. Read on for some safety measures you can take to reduce the chances of a WordPress plugin update breaking your website.
Before making WordPress plugin updates, there are a few things to consider or keep in mind. In this section, we will give you tips on how to prepare your site for upcoming updates and how to be safe in this process.
Check available updates
First of all, if you keep an eye on available updates, check which plugins are outdated on your site. To do so, navigate to your WordPress Dashboard > Updates. You can find all of the updates for your WordPress core, plugins, and themes in this section.
Check the change log
A good practice before starting a plugin update is to inspect the Changelog. This blog provides information about any bug fixes, enhancements, or new implementations in the new version of the plugin. To check the changelog of each plugin update, navigate to the Plugins page.
View version details (changelog)
If there are any new PHP needs or known concerns with themes or other plugins, the Changelog will inform you of these. It is advisable to review a plugin’s new features before settling on an upgrade plan.
WordPress plugin update changelog
If the new plugin version is incompatible with your WordPress theme, you may need to give the developers more time to resolve the issue before updating the conflicting plugin. In general, you should wait for a week or two to allow their developers to fix any bugs or incompatibility issues.
Choose which plugins you want to update manually and which ones automatically!
Choosing between updating WordPress plugins automatically or manually can be tricky. For example, plugins that are for backend use only and are not entangled with your site’s content are safe to update automatically. Even if the plugin has an issue after the update, your website won’t be significantly harmed.
However, when updating plugins that are critical to the operation and functionality of your website (like WooCommerce), you should proceed with extreme caution. Faulty updates to such plugins have the potential to ruin your WordPress. The same goes for page builders, galleries, or redirect plugins. That’s why it’s best to filter the changelog, make backups, and manually update such plugins with caution. In short, you have to update the plugins that are crucial for the functioning of your site manually. Other plugins with less importance for the operation of the site: you can update them automatically.
Create a backup of your site
As a general rule of thumb, you should always create a backup of your WordPress site before updating any plugins. Keep in mind that when plugin updates don’t go as planned, a backup can be your website’s lifeline. If the plugin update causes problems, but the Changelog didn’t raise any red flags, you’ll be thankful you have a backup.
How to update WordPress plugins correctly
Now that we’re clear about the importance of regularly updating your plugins and you’ve taken all the necessary precautions, it’s time to dive into the hands-on part of this process.
How to update WordPress plugins manually
There are a few different ways in WordPress to manually update plugins. Continue reading to see step-by-step instructions for each technique as they are described in this section.
From your panel
From your WordPress dashboard, updating plugins manually is the most simple process. To do so, log into your WordPress and navigate to Plugins > Installed Plugins > Update Available.
WordPress plugin update available
WordPress will show you a list of all the plugins that have an update available. From here, you can update the plugins one by one or update them in batches if you wish.
Update plugins one by one
In WordPress, you can update plugins one by one if you want to check if an update would cause a problem with your site. If a plugin update causes a conflict, you’ll know immediately what the culprit is. This way, you can revert to the previous version while you wait for the plugin developers to release an update to fix bugs.
Also, you can report the behavior of the plugin to its developers and give them time to test and rectify the problem. You might want to update just one plugin at a time, which is another factor to update each plugin individually. Whatever your reasoning, it is up to you. Simply click the update now context link next to each out-of-date plugin you want to update in order to update WordPress plugins one by one.
Update the WordPress plugin manually
You will see a confirmation message similar to the one shown below when WordPress updates the selected plugin.
WordPress Plugin Updated Successfully
Bulk update your WordPress plugins
There is a way to bulk update all your WordPress plugins simultaneously. This action starts the update process for all the plugins you have selected. Check the box to the left of each plugin you want to update in the list of WordPress plugins to update them all at once. Alternatively, check the box next to “ Plugin ” to check all plugins in the Update Available list.
Select all plugins for a bulk update
Checking that box will check all plugins in the list, and you can now select a bulk action from the respective dropdown. Following that just click Apply and WordPress will handle the rest.
Apply a bulk update to all WordPress plugins
When the update process is complete for each plugin, WordPress will display a success message.
Update your WordPress plugins via FTP
If for some reason, you do not have access to your WordPress dashboard, you can resort to updating WordPress plugins through an FTP connection. To use this method, you will need to download the latest version of the plugin from the WordPress.org repository to your computer.
Download the new version of the WordPress plugin
The plugin will download to your computer in a zip file, so you will need to extract the plugin folder from the zip file. To log into your site via FTP, you’ll need your FTP credentials, and you can get them from your hosting provider. SiteGround customers can easily create and manage FTP accounts from their Site Tools > Website > FTP Accounts. To get your FTP credentials, click the Actions menu next to the FTP account and select FTP Credentials.
FTP Site Tools credentials
With your credentials in hand, you can establish an FTP connection with an FTP client like FileZilla. When you’re connected, list the contents of the wp-content directory by clicking on it to find the plugins folder. After listing all of your plugins, expand the plugins folder, then right-click the plugin folder you want to update. Select the download option to get a backup copy of the outdated plugin, just in case.