In today’s tutorial we see how to manage and control automatic WordPress updates, to always have control of what is updated.
What are automatic updates?
It is a novelty introduced in WordPress 3.7 that automatically makes, WordPress will update itself. In other words, without having to hit any button. He just decides that it needs to be updated and he does.
By default, these updates are only executed in the case of minor updates. For example, from WordPress 4.3.0 to 4.3.1. These types of updates include things like minor improvements, bug fixes, or fixing vulnerabilities.
So, when WordPress 4.4 arrives this December, let’s not expect it to “update itself”, because it won’t. These types of updates are considered “major” and do not run on their own.
It is important to note that if there is a major grav vulnerability in a popular plugin, such as Jetpack, Yoast SEO, WooCommerce, etc. Those updates can also be executed, if WordPress chooses to do so.
Disable automatic updates in WordPress
Although personally I do not advise disabling automatic updates, since its function is precisely to avoid greater evils (let them hack us)It is true that sometimes it can be advisable.
For example, let’s imagine that we have an eCommerce on which our income depends. Or even one on which other people’s income depends. In those cases having automatic updates can be a bit dangerous.
Although it is true that its main objective is to keep us “safe”, it is also true that on occasion (very remote, but existing) It may affect another plugin or create an incompatibility that may affect the proper functioning of the website. And that means that customers may not be able to buy, or even that the web will “break”. And that’s not a scenario we don’t want at all.
By the way, if that happens, I recommend the , to solve any type of error or “blank screen”.
Anyway, the fact is that if we want to disable automatic updates, we only have to add a line of code in the wp-config file:
define( ‘AUTOMATIC_UPDATER_DISABLED’, true );
Just by copying and pasting that line we will have already deactivated them. All. Those of WordPres, those of plugins, those of themes… Each and every one of them.
And if we only want to disable the WordPress ones, this would be our line:
define( ‘WP_AUTO_UPDATE_CORE’, false );
Simple as that. But watch out! If we do that we must be responsible for carrying out the updates ourselves. Deactivating them can be a big problem if we do not update WordPress manually periodically.
When should I have them activated?
If you simply have a blog or corporate website, I would recommend that you have them active, since that way you can not worry about the issue.
If, on the contrary, you have a business whose income depends on the web, I would deactivate them. But in return, you will have to periodically check for updates, run them manually, and check if everything is still working correctly.
If the update is simply about modifications and news, I recommend you wait a few days for others to update, to make sure there will be no incompatibilities. More or less a week or 10 days.
If, on the other hand, the update is security critical, as is evident, update ipso facto, at the speed of light.
You can find out what type of update it is by clicking “See details” in the updates panel:
I highly recommend this always! That way you will know the news (which is always good) and what that update fixes. And if something goes wrong, you will be able to deduce where the conflict has been generated. Note that the more updates you “let go”, the more chances you have that something fails, and the more difficult it will be to know why it failed, since there will be many more modifications.
Activate all updates
On the other hand, if you are braver and want to activate all updates, whether they are major or minor, you can also do it, with this line in wp-config.php
define( ‘WP_AUTO_UPDATE_CORE’, true );
Be careful, because with this WordPress will always be updated! Although it is true that WordPress is “backwards compatible”, which means that “it will not break when you update”, not all plugins can be prepared for new versions, so proceed with care.
Can it be done with a plugin?
If you don’t dare, don’t know or don’t want to modify the wp-config.php file, there is a plugin to control all this. It couldn’t be any other way, this is WordPress 🙂
The plugin itself is called . Although it has not been updated for more than two years, it works perfectly. It’s from Gary Pendergast, a WordPress demigod, Automattic worker, and core contributor, among other things. So don’t hesitate to use it. In the recommended plugins directory of the subscribers you can find more recommended free plugins.
Once activated you will find a new menu in “Settings”, which will allow you several things. First, you can choose what to update:
We can choose between all of the following options:
- Update WordPress
- major updates
- Minor updates (what comes by default)
- Update plugins
- update themes
So, only by selecting these boxes we can activate or deactivate automatic updates as we want.
We also have a couple more very useful settings related to the notifications we receive by mail when automatic updates are executed. By default we always receive an email to the administrator’s email. Ok, so we can change that:
The first thing we can choose is which email to receive notifications. This is very useful if you have many WordPress websites, since when they are all updated, your email will be flooded with these notices. So you can receive it or filter it to that email. And on the other hand, we can deactivate these notifications, which I do not recommend, since it is convenient to be aware of these details.
And finally we can activate if we want to receive a “report” on how the updates have gone. If they have been successful, if they have not been, what has happened, etc.
By default, the option to receive it only for developer updates is marked, but we could choose to always receive the report, or never.
For risk lovers
And we end with a curiosity that may interest risk lovers, or . If you want, you can even upgrade to the future versions of WordPres.
And I’m not talking about traveling to the future, but simply testing as a “beta tester” the versions of WordPress that are being developed, which are currently in beta version or Release Candidates. We can do this with the plugin, by Peter Westwood (another demi God of WordPress and lead developer) which allows us a couple of options that we find in the “Tools / Beta testing” menu:
We have a couple of options. The first “Point release nightlies”, more stable. And secondly, the “Bleeding edge nightlies”, which includes all the changes that are made in the core, whatever the state. This can be a bit unstable in certain cases.
Obviously, I do not recommend using this plugin on your production websites. This is just to experiment, or test on your staging site if your plugins or themes are going to have any problems with future versions of WordPress
Summary and conclusion
WordPress automatic updates are good in most cases, but there are times when you may want to turn them off.
We can do it by code or with plugins. Both methods allow us to decide what type of automatic updates to activate or deactivate, and whether to receive notices or reports on how they have gone. For risk takers and developers, we can also activate beta versions of WordPress.
That is all for today. If you want to know more, take a look at the , all of them guided step-by-step video tutorials in real time. And if you have any questions, you can send it to me through the “Support” tab of the 🙂
Facebook Comments
Disqus