Krista Rae

WordPress Development for Designers

10 steps to go from hours of code to development-free design projects

Download the free checklist to save yourself countless headaches and wasted hours!

Get the checklist

Why It’s So Important To Update Your WordPress Plugins

· Blogging + Business, WordPress

Pin
Tweet
Share

I know making plugin and WordPress updates can be scary. Unfortunately, hackers *love* it when you skip your updates!I always have a *facepalm* moment when I log in to a client site to get to work, only to find 10+ plugins with updates. If this is you, don’t feel bad, it’s also about 80% of my new clients so you’re not alone.

It happens so often that I have a pre-written paragraph that I send to them explaining why keeping things up to date is so important and how to do it. I also mention my monthly and quarterly maintenance packages in case they’d like someone to do it for them.

Now, don’t get me wrong, I honestly can’t blame my clients or anyone else.

It took a long time before I ran across an article explaining how important updates were. On top of not fully understanding, they used to scare the heck out of me. What if the update broke my website?! I’d heard of it happening to others and I wasn’t sure what I’d do to fix it if my website did go down. Would I lose everything?

Yes, plugin updates can occasionally cause problems, but the 2 minutes it takes to login via FTP and remove the broken plugin is much better than the possible alternative.

Why It’s So Important To Update Your WordPress Plugins

Think of it like this. Most of the time, plugin creators aren’t making updates for the fun of it. It’s not like they’re sitting around their apartment bored and think “Oh, I’m going to go push out a random update!”

Yes, sometimes they add new features or make a few simple tweaks, but a good portion of the time the updates are due to bugs or security vulnerabilities.

Now, think of yourself as a hacker. Hackers are always looking for security issues to take advantage of. It’s literally what they do. If you were that hacker and saw a big security patch was just pushed out for a plugin, wouldn’t you quickly learn how to exploit that vulnerability and use it to attack websites?

I’m not an awful person so I’ve never done it, but that’s what I’d do! 🙂

In case you’re doing a quick scan and didn’t put those two pieces together, a good portion of plugin updates are done to fix security issues. When security issues are fixed and you don’t update, hackers know exactly where to attack your website.

Other than hackers gaining access to your website due to weak passwords, plugin vulnerabilities are the easiest way for them to get in.

Some Plugin Update Examples

I went ahead and looked up some of the more popular WordPress plugins to show you the kinds of reasons they’re pushing out updates. Let’s take a look at a few.

Akismet

In October, Akismet pushed out an update that “closed a potential XSS vulnerability”.

What is XSS, you ask? It’s basically a security issue that allows hackers to inject their own code into web pages. Sometimes this is harmless, but other times it’s all it takes to allow someone to take over and possibly destroy your website.

Wordfence Security

Yep, security plugins have issues too. As a software developer, I can confidently say that no developer is perfect (as much as they want to be) and small bugs are easy to miss.

Like Akismet, an update to Wordfence “Fixed stored XSS vulnerability”.

You already know what XSS means, so I’ll just reiterate, sometimes these issues are nothing, but do you want to take the chance?

Disqus Comment System

The last quick example I’ll give is the popular commenting system, Disqus. Lately, they’ve released two separate updates with one of the items being “Security fixes”.

That’s all the information in the change log, but if you want to be safe here’s a place where you can assume the worse.

How To Update Your Plugins

I’m sure you get the point I was making above. The amount of damage that can be done through these security vulnerabilities definitely warrants a few seconds of your time to complete an update.

Think about it, you could truly lose everything.

However, it does take a bit more work than clicking the little “Update” links if you really want to keep your website safe.

If you see the little orange numbers in your WordPress Dashboard, you know it’s time for some updates.

Update Your WordPress Plugins

Here’s the quick process I use:

  1. Complete a full site backup using BackupBuddy. (If you’re looking for a free option, try Duplicator)
  2. Complete plugin updates
  3. Make sure everything still works as expected
  4. Tadaaaaaaa

Now, I’ve personally never had a problem on my own website. If you want to be even safer you could follow this slightly longer process:

  1. Complete a full site backup
  2. Complete one plugin update
  3. Ensure everything is still working
  4. Repeat steps 2 and 3 until all plugins are updated
  5. Tadaaaaaaa

That way, if a plugin did break your website you’d know exactly where the problem was.

See? That wasn’t so bad!

Now that you know that making plugin (and WordPress!) updates is worth a few minutes of your time, go do it! Remember, take a complete backup of your site just in case something does go wrong.

I know making plugin and WordPress updates can be scary. Unfortunately, hackers *love* it when you skip your updates!

10 Steps To Go From Hours Of Code To Development-Free Design

Click to go from hours of code to development-free design projects
Pin
Tweet
Share

You might also like:

Are you looking to book more clients for your business? You may be marketing your services all over Instagram with little return or finding that you lose prospects during the inquiry process. Whatever you’ve tried in the past, this post will cover 4 simple to make booking prospective web design clients a little easier.4 Simple Steps To Booking More Prospective Web Design Clients
Discover if it is a good time for you to begin outsourcing development work in your web design projects for your business through this blog post!Is It Time To Outsource Development In Your Web Design Projects?
Take each of these steps one at a time to simplify your business, get a bigger return from what is already working, make your tasks easier, and boost your income! Read this post for help getting started on seeing a return for the work you put in your design business.See A Return For The Work You Put Into Your Design Business
If you want to sell at a higher price point, you need to sell the results. We’ll cover the 3 secrets to a website that converts for your design clients!3 Secrets To A Website That Converts For Your Design Clients

10 steps to go from hours of code to development-free design projects

Click the button below to download your free checklist!