So here’s a question that I get asked often:
“How should I update my website’s plugins?”
Or a more accurate one would be:
“What are the best practices for updating plugins?”
And then there are those who will never update their plugins.
Why Update Plugins?
It is important to update plugins regularly because they often contain critical security patches, bug fixes, and performance improvements. Outdated plugins can compromise the security of the website, potentially resulting in data breaches, malware infections, or other security issues. Additionally, updated plugins can ensure compatibility with the latest versions of the website’s CMS or other plugins, preventing conflict issues. In short, updating plugins is crucial for maintaining the security, stability, and optimal performance of the website.
The following are best practices for updating your WordPress plugins:
Backup your website
Before updating any plugin, it’s always a good practice to take a complete backup of your website. This will help you restore your site in case something goes wrong during the update process. But how many people actually do this? It’s really not as tedious as you might think with some strategies in mind. Firstly, pick a designated date rather than doing this on an ad-hoc basis. For example, creating backups + updating plugins once a month.
Secondly, (and this is probably a hot take, and it’s just my opinion) it is better to create full backups via the CPanel or Plesk, rather than using a backup plugin via the WordPress dashboard. Why? Because it is more efficient, it saves you a plugin slot, it’s especially recommended for smaller/slower sites, and it’s more secure. The only real issue with this method is that it is slightly less convenient since you’d have to log in to the hosting back end each time. Plus it requires technical knowledge in order to restore the site using those raw backup files. Either way, fully backing up your site is never a bad thing.
Update plugins one by one
It’s important to update your plugins one by one very carefully, rather than updating all of them at once. This will help you identify any issues that may occur during the update process and fix them before moving on to the next plugin. So yeah, it can be a slow and painful process: Update a plugin. Wait for completion. Check the entire site to see if anything breaks. Wash, rinse, repeat. One by one. Slowly and carefully.
Update regularly
Pick a consistent schedule and try to stick to it. It’s recommended to update your plugins regularly, as updates often include bug fixes, security patches, and new features. Keeping your plugins up-to-date will help ensure your website runs smoothly and stays secure. But wait, there’s a catch! You’d want to update plugins regularly, but not immediately. Let’s go over this further in the next point.
Update after a day or two
There is no guarantee that a plugin update is secure. For example, an update might fix a superficial issue but at the same time introduces a fatal security flaw and other plugin vulnerabilities. This has certainly happened many times in the past. In such cases, the plugin developer will usually scramble to release a hotfix, especially if it is a popular plugin. So it isn’t the simple case of “Update = Good! Not Updated = Bad!”. Every update is a risk, and every non-update is also a risk. Sounds terrible right? But here’s what I do:
- Check the plugin update changelog.
- If it contains any critical security patch, then immediately update.
- If it does NOT contain any critical security patch, then wait for a day or two before updating. No rush here.
Read the changelog
As mentioned above, before updating a plugin, it’s a good practice to read the changelog to understand what changes have been made in the latest version. This will help you decide if the update is necessary for your website. Example:
This can be viewed via the plugin list page when you click on “View Version Details”. If you deem the update to be less critical, then you can delay a day or two before updating just in case there is a hotfix pending. But if the improvements are vast and important such as PHP compatibility and security fixes then you should update immediately.
Test the updated plugin
After updating a plugin, it’s important to test it thoroughly to ensure it’s functioning properly. This includes testing all of the plugin’s features and ensuring it doesn’t conflict with any other plugins or themes on your website.
By following these best practices, you can ensure that your WordPress plugins are updated safely and effectively, without causing any harm to your website.
Join our course and learn more about WordPress plugins.