Keeping Plugins and Themes Current
Outdated plugins and themes are the most common entry point for WordPress security breaches. Keeping everything updated ensures your site remains secure, fast, and compatible.
Checking for Updates
WordPress checks for updates automatically. You will see a notification badge on the Dashboard > Updates menu item and next to Plugins and Appearance in the sidebar when updates are available.
Updating Plugins
- Go to Dashboard > Updates.
- Scroll to the Plugins section.
- Select the plugins you want to update by ticking the checkboxes, or click Select All.
- Click Update Plugins.
Alternatively, go to Plugins > Installed Plugins and click Update now under individual plugins.
Updating Themes
- Go to Dashboard > Updates.
- Scroll to the Themes section.
- Select the themes to update and click Update Themes.
Enabling Auto-Updates
WordPress allows you to enable automatic updates for individual plugins and themes:
- Go to Plugins > Installed Plugins and click Enable auto-updates next to each plugin.
- Go to Appearance > Themes, click on a theme, and enable auto-updates from the theme details screen.
Best Practices
- Always back up your site before running updates, especially for major version changes.
- Update plugins one at a time when possible so you can identify any plugin that causes problems.
- After updating, test your site by visiting the front end and checking key pages and features.
- If an update breaks something, roll back using a plugin like WP Rollback or restore from your backup.
- Remove plugins and themes you no longer use. Inactive but installed code is still a potential vulnerability.
Premium Plugin and Theme Updates
Premium plugins and themes from marketplaces typically require a valid licence key for automatic updates. Enter your licence key in the plugin or theme settings to receive update notifications. If your licence expires, you will need to renew it to continue receiving updates.