Deciphering WordPress Update Notices

If you’re new to WordPress, you may feel a little apprehensive about, well, doing anything other than adding blog posts or editing page content. That’s totally understandable, and for our clients in particular, we leave you with a site that’s essentially built to fit. So you could theoretically leave all settings alone and things would work until the internet becomes self-aware and takes over the planet with an army of giant robots.

However, you’ll probably see notifications on your WordPress dashboard about available updates. These fall into three areas:

  • Core system files, or the engine that runs the train known as WordPress
  • Plugin files, or all of the cool functionality we’ve built into your site
  • Theme files, or the layout/design/front end of your site

For Atmosphere sites, the only area that you absolutely should not touch are Theme files. While we build with an open-source theme, some of the files are customized and any updates will overwrite those customizations. In general for WordPress, this is a safe thing to do as long as you haven’t gone in and mucked with the PHP code, but since that’s our M.O., please stay away from it.

Core files are probably the most important update. They also run the biggest risk of crashing your site – however, that “big” risk is still fairly miniscule. Core files provide both functionality and security updates. These are vital to the health of your WordPress site, particularly higher profile or higher traffic sites as those are often more targeted. For most sites, updating core files is a simple process that involves a click and about 30 seconds of the host going through the auto-update process. If the auto-update process fails, you will see a maintenance screen on your site and that will require a deletion of that file in your root directory (FTP or use your host’s file manager to look for a file simply called .maintenance). Once that file is deleted, your site (still at the original revision as the update failed) will be back to normal and you can attempt the update again. In general, we recommend backing up files prior to updating. The chances of failure are very small, and the chances that the failure causes headaches beyond that single placeholder deletion are even smaller, but it’s always better to be safe than sorry.

In general, it’s safe to update all plugin files. The one you should absolutely always update is Akismet, as that is your spam protector and updates to that plugin create a stronger shield against spam. Outside of Akismet, plugin updates are generally fix security issues and patch bugs. In some rare cases, they are major systemic updates that alter a plugins functionality. For those issues, plugins should be inherently backwards compatible to your current setup and only add in new features. There are rare instances when it will create a problem. The good news is that you can always find the archive of the plugins revisions (in the Developer tab of the plugin’s WordPress.org), delete the updated plugin and upload the older version that was working on your system. We suggest 1) reading the update notes 2) updating as appropriate 3) doing a quick looksee to make sure everything’s OK.