This post comes to you from Eric at Narrow Bridge Finance. He is also the author of the amazing eBook The Personal Finance Arsenal, which teaches you how to save time, money, and headache when dealing with your finances.
On the evening of December 12th, I opened my WordPress dashboard to check out my stats for the day and plan out a few posts. I was pleasantly surprised to see that WordPress 3.3 “Sonny” was ready for WordPress sites around the world.
Having been a member of the Yakezie since the early days, I have seen many debates on the merits and risks of being an early adopter. Today, I want to explain to you why waiting to upgrade is probably a bad idea.
Security
The single most important reason to upgrade your WordPress installation as soon as possible is security. While some updates are focused on functionality, nearly all updates contain some security fixes. We have all seen the results of our hosts being hacked. We have discussed security plugins in the forums. You can read all about WordPress security at the WordPress Codex. It is a big deal.
Many of us rely on our blogs for income. Many of us use our websites for our businesses. How would you feel if your site came crashing down tomorrow because of a security hole? How much worse would you feel if you could have installed an update that would have defended your site against that exploit?
Do not gamble with your site. Do the right thing and upgrade to make sure it is secure.
Speed
Upgrades have also brought about new functionalities and speed increases. The 3.3 update reduces the heavy code to have expandable menus in the WordPress dashboard and replaces them with a flip out option. You can now get to different menus and options faster than before.
The new upgrade also replaced the “new” WordPress navigation bar with a newer version. It combines some old, familiar functions with a new look and faster access to the most used tools.
Under the hood, WordPress has a lot of code to give you a powerful application. The development teams are always working to make your site run faster and smoother. None of us really know what is going on back there unless you read the development notes for the release. Most of you have probably not heard of JQuery or the updates there. You probably don’t care as long as it works.
Trust the developers of this amazing, free application. They do a lot of testing to make sure everything is perfect when they push out a notification telling you to upgrade. It will work just fine.
Compatibility
This is where most bloggers get scared of updates. They are worried that when they run the installer, something will break. I promise you that if something goes wrong it is not because of WordPress; it is because of a poorly designed plugin.
To ensure your site upgrades smoothly, backup everything first. That includes your installation folders on your host server and all of the database files. It is always good to have a fresh backup just in case.
When you run the upgrade, things will probably work fine. If not, disable plugins one at a time until you find the cause of the issue. If you don’t need it, get rid of it. If you do, you might be able to find something better that does not cause a conflict. Having a fast and secure site is more important than any single plugin.
What Do You Do?
I upgraded all of my WordPress blogs within an hour of the official release, but I know that there are some of you that use release candidate or beta versions and there are others that are a full version behind.
Please share your strategy, successes, and horror stories in the comments. Have you upgraded yet?
Image by Nikolay Bachiyski.
I just re-launched Money Beagle into a new WordPress site yesterday (used to be on Blogger). I also have a couple of other sites under the same hosting plan running WordPress (including my challenger site). I wasn’t sure how quickly you should apply updates, but it does seem that they come out quickly. Plugins update as well as I think I have 4-5 of those to look at. Thanks for the heads up. Security is everything!
I am excited to see your new WordPress site. Make sure to keep good backups and everything up to date and I am sure you will be thrilled with the results.
I’ve never had one break my site to where it wouldn’t come up. Some have, but, as Eric said, it’s almost always a plugin issue. The security fixes are generally worth updating as soon as they come out.
I’ve updated already and for the exact reason that you mentioned. Security. I’d really rather not have to deal with that. I’m also an early adopter by nature. Especially if I am getting a product from a company I trust already.
I have only ever had one issue upgrading WordPress, and it worked fine on all of my other sites. It only took about forty seconds to fix though and I was good to go. Matt Mullenwag would never lead us astray.
How often does everyone backup? I’m doing it perhaps every 2 weeks – so theoretically I can get my content back with the feed (just no comments). Still manually… but I’m curious as to everyone else handles it.
I do daily database backups via plugin to my Gmail account, and then nightly httpdocs folder backup via my host that i manually download most days..
I try to backup my files monthly and do an automated database backup weekly.
I am not usually an early adopter of hardware or software…but this particular update had a bunch of security fixes
I am an early adopter on almost everything. I have done Beta testing on all sorts of programs and websites. I love being ahead of the curve.
Normally I’m right with you there when it comes to upgrading. It’s a good idea to upgrade pretty soon as a lot of the updates are there for security reasons. The only proviso I would add is to make sure to do a quick twitter and google search before you update – searching for the number of the upgrade (in this case 3.3), and take a gander and see if there are any problems reported or issues that people are having with the release. Also, waiting a day or two to see if anyone else reports issues with the upgrade isn’t always a bad idea. And always make sure to back things up before you upgrade.
I just upgraded a couple of my sites to 3.3, and had some problems where after I upgraded my admin site was no longer accessible. Unfortunately this time I hadn’t heeded my own advice, and I hadn’t searched before upgrading. If I had I would have read on Twitter AND Google that one of my more popular plugins was causing issues with the upgrade. I deactivated the plugin (by renaming the folder via FTP) and the problem was fixed. As mentioned, most problems you’ll have with upgrades are related to errant plugins.
Which plugin caused the problem?
I updated one site, but I was getting tons of traffic on TCI, so I’ve waited until today to do it. It usually all runs smooth!
How did it go for you this time around? I noticed that the caching plugins now give options in the nav bar, which is pretty sweet for busy sites.
Informative post – I’d have to say that I’m one of those ones that never updates WP for fear of breaking plug ins.
Your main WP installation is always more important than plugins. It is not worth risking a hack for a small functionality. Once the security fixes are released, everyone knows the holes in the older version.
I also tend to wait just a bit after an update becomes available but with the security fixes I did do this one earlier than usual. Thanks for the reminder!
Whenever I get the bar on my dashboard saying to upgrade, I run it on one of my lower traffic blogs to test it out and then work my way up to the bigger sites if there are no issues.
One small note to add to Eric’s great post. Update your plugins before you update your wordpress. In a few cases, the plugin has been broken by the new wordpress version, and an update has already been released. Updating the plugin first allows for that updated (read: not broken) plugin to be installed and eliminate any issues with the upgrade of the main software.
I always run plugin updates within a few days of their release. It is not as urgent as the main WordPress installation, but they often have security and bug fixes too.
I’ve been trying to reduce the number of plug-ins on FS and Y for the past 6 months, and they have gone down by about 5 each on average. Plug-ins really are the doors that allow hackers to attack, and we need to be vigilant.
I like to wait a couple days before upgrading, just in case there are major blowups post upgrading.
I agree regarding plugins. Anyone can build a plugin for WordPress, but only the WordPress staff can code upgrades to the base application. You can usually trust them, but you can’t always trust plugin developers.
I had no idea security was a factor with upgrades. Good to know. I am usually good at installing the update as soon as I hear about it.
Security is a big issue with all software, and WordPress is not immune. Make sure you have good security plugins too to make sure you know where you are vulnerable.
Great advice! The security benefits are enough of a reason alone for me. Everything else is gravy! I’m going to go upgrade now!
Have a fun upgrade!
I upgraded wordpress as soon as the update became available. Retire By 40 was hacked 3 times last summer! I hate hackers! I also tried to reduce plugins on the site and it’s difficult to remove things that are useful.
That is a nightmare to deal with. I have fortunately never been hacked. I would like to think my strong security practices help with that.
Great post, Eric. I usually update as soon as a new version comes out. I have not had any major issues with plugins, but Wp-Minify did not seem to be compatible with my site and did cause some issues. Disabling it fixed the problem.
I have had minify issues no matter what plugin I use. I am not sure why it does not get along with my sites.
Hi Eric, I just updated mine a few minutes ago. Thanks for the info and motivation. I lilke learning more about the “back end” of blogging.
I am always interested in knowing how everything works, not just that it works.
Great post! I like being an early adopter too, but I tend to test the waters on smaller sites I have until I put it on my main blog.
I do the same thing. I upgrade my smaller sites first to make sure it all works before moving on to the biggest ones.
Hey Eric, I know you are Thesis guy too. Have you looked at the new Thesis version yet and are you planning to be an early adopter for that as well? I read the release notes last night and am debating when I should upgrade my sites.
Already upgraded my two main sites. For the smaller ones it does not seem worth the hassle yet.
I looked into upgrading my WordPress but the newer versions run PHP 5 and my server runs PHP 4. Since I’m sharing a server I haven’t yet updated to PHP 5. I’m going to have to do this soon. My wordpress is quickly becoming outdated!
My host keeps my server running with the most up to date software, so I can do whatever I need on my sites.
When it comes to software, I am not an early adopter. I would characterize myself as slow and steady.
Be careful with that. You don’t want to be blindsided by a plugin issue when they update for the new version or a security hole.
I have never backed-up my site before! But I just downloaded the back-up and e-mail plugin and it worked great. Then I updated wordpress. Question: Does anyone have a view on the new built-in post subscription feature? I can’t tell where it stores the e-mail addresses. I can’t find a control panel anywhere, which does not seem to make sense to me
Hey NetWorthProject, I’ve never backed up my site either and I’m trying to figure out how the heck to do this WP upgrade. Can you tell me which WP plugins you used? And then what, just download them, activate the, deactivate all your other plugins, and upgrade? I’m so confused and have no idea where to start with this upgrade! Thanks!
Glad to hear you have a backup now. I am not sure about the new email feature. It could be stored on WordPress.com out of our control.
Great and applicable article topic :) I recently saw that WordPress wants to be upgraded… I’m pleased to hear it has better security features.
Did you run the upgrade yet?
Sorry for the basic question, I’ve been reading the WP site and don’t know how to backup my data, can someone explain it in plain English? And is it all the data that’s on my FTP? Should I just copy all those files somewhere else like a flash drive and I’ll be good? Thanks a lot guys!
You need to backup from two sources. First, take everything in your root folder (where WP is installed) and copy that via FTP. Next, use a database plugin to backup your posts, comments, and other important information. I use WP-DB-Backup for a weekly backup to my email.
Nevermind, I used a manual backup and BackWPup plugin, everything seems to be working, update complete! Sweeet.
Great advice Eric! You sound pretty savvy with WP. Been using it long? I’ve been tied up, but plan to upgrade over the weekend. Thanks for the kick in the butt!
I moved my sites to WordPress over 2 years ago and I try to understand how it all works under the hood.
Anytime I’ve had issues upgrading, it’s always because of a plugin. Best just to disable every plugin, upgrade WordPress and reactivate the plugins after.
That sounds like a lot of work but nearly a sure thing for having the upgrade work well.
When I saw this post title, I immediately assumed that I was running 1.0, but I found out that I am up to date.
Awesome! They make it easy to keep things updated.
I became paranoid about upgrading because of an incident where my blog broke when I updated. So I was a few versions behind recently and got hit by a virus. It hit not only my blog, but apparently all the other WordPress blogs on my hosting account. And it kept reinfecting again and again. I finally had to cry uncle and hire someone to help me slay the beast. Thanks to Jesse from Personal Finance Firewall hopefully I won’t need to worry about this again.
That is why updating is important. It is good to know why things work they way they do.
Okay, Eric, I’m off to upgrade right now! I learned so much from your post – many thanks.
Happy to be a teacher. Glad you enjoyed and are taking action!
Updating is always good but remember if you customize some installation file for your needs, it will be replaced by latest DEFAULT. So back up blog before updating, just for a case.
Very good point. Thanks for the reminder!
That is a very good point, particularly with theme files. Some themes allow you to export settings for upgrades, others just overwrite what you have customized.
If update of theme is coming, DO NOT FORGET to backup .css file. in my opinion, the most valuable file.