WordPress is the world’s most popular content management system. It regularly provides updates to the software, which users should implement as soon as possible and a new feature just released in Version 5.5 allows for the automatic updating of plugins and themes. Site owners now have the option to turn on auto-updates for individual plugins and themes directly from the WordPress admin dashboard.
Since WordPress is so widely used for website design, it’s become a popular target for unscrupulous spammers and hackers to inject malicious code or malware for their own benefit. It’s therefore crucial that business owners who use the platform are aware of the importance of keeping the platform and any plugins up to date to ensure that the website’s security is current enough to tackle these common threats.
Launched on August 11th 2020, WordPress 5.5 is a preliminary implementation of auto-updates, although holding off on enabling those until a few weeks or months after that version was released is highly recommended. As with any major change to software, bugs or issues may be found and patched in the weeks after the release. So it’s important to wait to ensure that auto-updates in WordPress 5.5 has time to undergo rigorous real-world testing before enabling them.
It’s also important that site owners note auto-updates for plugins and themes is turned off by default in the new version. They will have to visit the theme or plugin dashboard to enable auto-updates and choose which packages to automatically update when a new version of the plugin or theme is available. Updates only occur if auto-updates are turned on for that particular plugin or theme.
Even when auto-updates are turned on, it’s still recommend that regular backups of the site are made. This is because some updates to plugins may cause an issue to the website in the future and it’s best to be protected and to roll-back any elements that may cause a problem. We would also recommend using a service such as Website Pulse or Status Cake to monitor your site’s availability.
WordPress believes that automating the updates rather than having to log in to the site regularly to perform required plugin and theme updates will help to address the vulnerabilities in out-of-date plugins, themes and less frequently, the WordPress core platform. This marks a major shift from the attended updates previously required in WordPress.
Auto-updates in WordPress 5.5 will only have an off or on toggle. Site owners will no longer have the option to select different types of updates, such as only applying security updates, or only updating to minor releases.
It is hoped this significant development for WordPress will reduce the vulnerability of the platform, as the instances of malware infections had been quite prevalent in the past. If site owners realise the importance of initially having to turn on the auto-updates then this step should help to prevent the headaches caused by such a malware infection, as prevention is much easier than cure.
If want to to know more about how important keeping WordPress updated is for your business, please get in touch.