Ahhhhh…plugins… Magical little jobbers that make a WordPress website do wonderful things with little to no effort on your part.
Until they need updates.
Aaaaand you’re not sure how to update plugins without breaking your site.
Most of the time there’s no problem running plugin updates.
If you’re like me and you’ve been burned, though, clicking update can feel a bit like playing Russian roulette with WordPress.
It’s not just the janky plugins, either, that’ll bite you in the ass when you update (or don’t update…that is unfortunately a thing, too).
Popular, well-regarded plugins have broken or completely hosed our site when I’ve clicked update without thinking first.
Yoast SEO. Social Warfare. Stackable Blocks.
Plugins have a downside, for sure. Their upside, however, is that they can make our sites better in nearly unlimited ways.
So most of us suck it up, take the good with the bad, and cringe a little every time we have to click update.
WordPress plugin updates are a necessary evil (sorry)
Developers release plugin updates for one or more of these reasons:
- The plugin update adds new features.
- The update somehow improves the plugin.
- The plugin needs fixes to be compatible with a new version of WordPress.
- Someone found a security flaw in the plugin and the fix prevents evil internet jerks from exploiting it to hack into your site.
When your website is important to your blog or business – but not something you enjoy working on for the hell of it – you obviously need to keep things running safely and securely.
Preferably with a minimum of hassle.
So let’s get into when it’s safe to click update and run, when you should exercise more caution and how to set yourself up for no-hassle updates going forward.
How to update plugins: The ‘Nike’ approach
If you can say yes to the following, you’re 99.9% unlikely to have a problem if you just do it (i.e., click update and let ‘er rip):
- You keep WordPress itself updated.
- Your site is built on a well-coded theme from an active, reputable developer or theme shop.
- You’ve carefully chosen your plugins and you keep them updated.
- You have a backup you can quickly and easily restore in the unlikely event an update does make things wonky.
That last bit about backups can make you downright cocky. Not a bad thing. As often as WordPress and plugins need updates, it’s good to just click update and not worry.
How to update plugins when they might break your site
If any of the following apply, caution is in order:
- You’ve fallen behind in your updates to either WordPress or plugins.
- The plugin that needs an update is one that’s burned you with past updates.
- A “developer” “customized” the plugin that needs to be updated.
- You don’t have a backup you can easily restore yourself.
- The plugin that needs an update hasn’t yet been marked as safe for your version of WordPress [I’ll show you how to check that in a sec].
There’s one exception to all of the above: If the reason for the update is to fix a plugin that’s vulnerable to hackers, update that sucker and let the chips fall where they may.
Once word gets out about a plugin’s vulnerability every cretin with a wifi connection begins scanning the internet looking for people who’ve yet to update. How do normal folk figure out why a plugin has been updated?
We check the Changelog, y’all.
How to open the pop-up that has the Changelog tab
Update? Or wait? What you, a fearless non-nerd, can look for in the Changelog to help you decide
What version of WordPress is running on your site?
How to update WordPress plugins without breaking your site
- Wait a week, just in case – as long as the Changelog doesn’t say the update is needed to address a vulnerability.
- Make a backup. Even if you don’t know how to use it, it’ll be there if something goes wrong and you have to hire someone to help you.
- Optional but recommended: Deactivate, then delete, any plugins you can do without.
- If a WordPress update is needed, do that first. Once complete, have a thorough look through your site and make sure nothing’s broken.
- If more than one plugin requires updates, do one update at a time, checking your site thoroughly after each update.
- If anything goes wrong, take note of which plugin caused the problem. Then, restore your site using the backup (or hire someone to do this for you).
Or, do it the easy way:
- Get Site Care – our service that includes smart backups, security scans and plugin and WordPress updates for only $24/month.
The safest – yet most impractical – way to update
If you look around the internet for advice on how to safely update WordPress plugins, you’ll inevitably find some other web developer telling you that you need to make a copy of your site and update that instead of your live site.
I can confirm that is indeed the least risky way to update. But for average folk who just need to get the job done and have to do it themselves, it’s unrealistic.
I’ve worked with enough solopreneurs that I get how impractical it is for you guys. Hell, it is for me, too – I’m solo as well. Unless I’m redoing my entire site I’m not working on a copy.
Don’t overthink it
In my eight+ years of working with WordPress, on my own sites as well as those belonging to clients, I’ve had trouble with updates only a handful of times.
Once was with the popular and solidly-coded Yoast SEO plugin. Somebody missed a semi-colon or something like that and breadcrumbs disappeared from my site after the update. Not a show stopper. Other incidents were even more forgettable.
My advice? Keep it simple.
Don’t install plugins you don’t absolutely need, or plugins that show signs of abandonment (no recent updates, unanswered complaints).
Keep it current. Log in to your site and update regularly, or subscribe to a Site Care plan that handles updates for you.
Finally, have a backup plan. Get automatic backups so you can update without a major freakout if there is a glitch.
Did I miss anything? Or spark any questions or further ideas? Let me know in the comments below.