WordPress Upgrades

Posted by:

WordPress 4.4 and Counting!

If you keep an eye regularly on technology news, you should have heard about the “Cross-site Scripting” which says that WordPress plugins have an open door for hackers and users need to immediately upgrade their plugins as they come in.

As a result, we saw an immediate jump from WordPress 4.1.1 to 4.1.2 and then within 24 hours 4.1.3.  As a developer these relatively small upgrades were crucial to all my websites.  Because they filled security holes that were exposed in many plugins.

Anyone with a WordPress website that is a stand-alone and not on WordPress.com, should start taking all WordPress upgrades very seriously. As of April 23, 2015 we had a major upgrade.  And on December 8, 2015 we are on WordPress 4.4., named for jazz musician, Clifford Brown.

Developers and tech savvy WordPress people can check out the new version 4.4.

The highlights of this new version are that WordPress now takes a smarter approach to displaying appropriate image sizes on any device, ensuring a perfect fit every time. You don’t need to do anything to your theme, it just works. And my favorite: Now you can embed your posts on other sites, even other WordPress sites. Simply drop a post URL into the editor and see an instant embed preview, complete with the title, excerpt, and featured image if you’ve set one. WordPress even includes your site icon and links for comments and sharing.

If you are a developer you are just dying to get your tweaky little code on all the new changes.  And the challenge of dealing with all those neat plugins that have not been upgraded yet to match the awesome new and improved powerful next version of WordPress just gets the old coding juices flowing. Mwwwaa.

However, if unlike me, you are normal and borderline sane, “Don’t panic.”  I used to recommend you wait a short while to upgrade WordPress. In fact, you may not have noticed that your WordPress site has automatically been upgraded for you.  That is, if you are sensible and have chosen a WordPress hosting service. Even WP hosts will wait a few days to upgrade WordPress.

For those who have decided not to go with a WordPress managed hosting service you will probably have to upgrade the software yourself.

Before you do any updates or upgrades, you must have a backup of your website.  Purchase this before you do anything else if you haven’t so far.  Unfortunately, if you don’t have a backup of your site you may break your website during an upgrade and have to start from scratch. Believe me this is not pleasant.  I also recommend that you learn to backup and restore your website so you don’t throw up if the real break happens.  It is not scary at all when you have practiced a couple of times and got the hang of it.

You will soon see that all your plugins will also require immediate updates.  A few years ago many plugins used to break the site and even some themes.  WordPress has become so reliable that it does not seem to occur any more with their approved plugins (that are also passed by your hosting service). Touch wood anyway.

If your hosting service provides a backup service, you need to make sure they include a backup of your website AND your database. A WordPress managed hosting service should include a one button backup and restore service for you.  If you don’t have a WordPress managed hosting service read on.

Let’s say you have hit the worst case scenario and your site breaks during the backup, you will need to immediately restore your website to its previous version.  Follow these instructions carefully and you will be fine.

  • First restore your website to the most recent backup you have on file
  • Restore your database to the identical date and closest time of your website restore
  • View your website in your browser
  • If it doesn’t look perfect, contact your hosting service and ask them to help you walk through the restore functions
  • Contact your theme developer and explain your issues.

Updating Plugins

  • Plugin updates are very frequent. The most comprehensive updates to plugins take place when there is either a major upgrade to WordPress or if there is a security threat to the plugin
  • Wait at least 48 hours before you update your plugins after a major WordPress upgrade
  • Upgrade or update your plugins only in the WordPress upgrade window and not through the plugin page/dashboard
  • If, for any reason, you cannot update your plugins through the WordPress upgrade page, and you must update a plugin through the Plugin page/dashboard, you will need to deactivate the plugin first
  • Once you have completed your plugin updates and something is not working on your site (a plugin or the site itself) return to your dashboard and go to your plugin dashboard
  • Deactivate all of your plugins and then activate them one by one
  • After activating an individual plugin (one at a time), return to your browser and reload the browser
  • Follow the same instruction for each plugin until you find that one plugin that is interfering with your website’s function or is preventing other plugins from working successfully
  • 99% of the time after an upgrade or an update, a site break or a plugin malfunction occurs as a result of an incompatibility of one plugin to another, or a badly coded plugin
  • Contact the plugin developer when you have identified the miscreant plugin and report it.
  • Please be kind and polite to all developers.  They are worth their weight in gold and are gods.

How Long Do I Wait to Update My Plugins

I like to wait a short while before doing any upgrades unless there is a major security alert as has currently taken place. You may notice that some plugins bleat at you to update immediately around the same time as the WordPress upgrade. Just follow procedures as above.  Sometimes I wait a couple of days and other times a little longer.  I can’t explain it but I just seem to know when and I rarely get errors.


Some hosting services experience DDOS attacks or XSS and often they allow a hacker onto a server and wreak havoc.  Recently, WordPress developers were informed that some plugins were vulnerable to XSS or Cross-Site Scripting. Pay very careful attention if you are told to update or upgrade your plugins.

If you would like to check your website for vulnerabilities, scan your site for indicators of compromise or outdated software. The sucuri.net plugin and Sitecheck can do that for free for you.

Good luck!  It won’t last long, but once your site is fully updated you will feel a whole lot better.

  Related Posts
  • No related posts found.