Upgrading WordPress can appear to be as simple as pushing a button. But it really isn’t. Not if you want to do it safely — and avoid the risk of bringing your site down, or even worse, losing data.
Recommended WordPress Upgrade Process
- Backup your database
- Backup your website files
- Verify your backups include everything (test them!)
- Deactivate your plugins
- Download the updated WordPress version directly from WordPress
- Delete the old files (with some important exceptions, see below)
- Upload and extract the new WordPress version
- Go to ‘yoursite.com/wp-admin/upgrade.php’ in your web browser to check if a database update is required, and apply it if needed
- Upload any plugin and theme updates
- Reactivate your plugins, checking for any problems as you go
- Clear the cache for your site
- Test the site is fully functioning
Woah, That’s A Lot Of Updating
This manual update process may seem like overkill – and it may well be, depending on how critical the site you are upgrading is to your business.
You might wonder why all this is necessary when WordPress itself just gives you a button to push…
Well, it’s all about choice and flexibility with WordPress – you are in charge, if you want to be. So there is the option to take the quick and risky way, or the slower and safe way without losing data.
Or some middle ground that you determine is the right process for your site.
Just bear in mind the nice convenient WordPress ‘Update’ button will not back your site up. Or check plugins for any conflicts. Or test that your site still works. Or fix any problems you might encounter of course. So should at least have backups, and know how to use them! Updating manually is the safest route.
You can save yourself all the hassle of course if you simply outsource your WordPress management. For small businesses this is a no-brainer. If it’s just a hobby site, it may not be worthwhile.
Deleting Old Files When Updating?
It may seem extreme to delete the old WordPress install before adding the new one. But this is still currently how WordPress themselves recommend you do it – despite that nice easy button option.
Why? Two reasons, the update process may not overwrite all the files (depending on user/file permissions) it needs to. And you may end up with files that are no longer required left hanging around.
Files Not To Delete
It’s really important that you don’t blindly delete the entire folder where WordPress is installed though. These files should NOT be deleted:-
- wp-config.php – this contains the database login details amongst other things
- wp-content folder – all the Media (images, photos etc) you upload are stored in here
- .htaccess file – you may have extra custom rules in here that make your site work
Of course if you have also uploaded other files or customisations in other places, you’ll need to add those to the list too.
What Are WordPress Automatic Updates?
Some bugs, typically rare ones, can leave websites highly vulnerable to security problems. If the WordPress team discover a problem that is serious enough, they can push WordPress (or a plugin) to upgrade itself.
These security updates are normally fairly minor in terms of code changes, so the risk of breaking anything is very small. And such updates are not taken lightly.
You can however disable such updates if you wish. We’re not going to cover that here however as 1. we don’t recommend it, and 2. you do need specialist technical knowledge to do it.
Will A WordPress Update Affect My Site?
They are always adding new functionality. At the same time, you or your web host will also be updating php and MySQL versions — the technologies that make your site work. So sometimes older code needs updating to cope with those changes too. This can cause problems if e.g. the version of php on your web server hasn’t been updated in a long time.
Similarly, changes to the way WordPress works can also affect plugins or your theme. If a plugin has not been properly maintained it may stop working when you update WordPress.
Generally everyone does their best to avoid these conflicts, but they do happen from time to time. As long as you have a backup (and know how to use it) you can always go back to a working website if things go wrong.
How To Upgrade Very Old Versions Of WordPress
If the WordPress version installed is actually more than a couple of major versions old, it’s safer to upgrade incrementally. That is, don’t jump too many versions in one go to get to the latest version.
A major release is an increase in version number from e.g. 4.8 to 4.9. It’s wise not to skip more than one major version – so you can safely go from 4.7 to 4.9. But if your site is still on version 4.5, you’d be wiser to upgrade to version 4.7 first, then to 4.9 etc.
You can download all older versions of WordPress from their official site here.
If your plugins are also out of date I’d recommend updating those first. Then updating the WordPress version. You may need to upgrade plugins again after each jump in WordPress version. You will likely also need to upgrade your theme so hopefully you or your developer created a child theme so any customisations won’t be lost when you update.
Does this all seem like hard work? I agree, it is! But if you don’t upgrade you can leave your site seriously at risk of being hacked. The vast majority of compromised WordPress sites are as a result of running old code that has already been fixed.
If you would rather someone else takes care of this headache for you, then please do get in touch and we can create a Custom Care Plan for your website. That includes getting you fully up to date to start with.