Home Forums WordPress, blogging, SEO WordPress can now auto-update plugins, but should you?

Viewing 1 post (of 1 total)
  • Author
  • #4099 Reply

    WordPress 5.5 arrives (or arrived) in August and one of the new features is the ability to automatically update plugins. Many people think that hackers try to hack the login form on sites, but logins are actually the least of your worries. Most hacks are through security flaws in plugins.

    As soon as a security flaw is discovered in a plugin, the developer fixes it (we hope) and an update is issued. Those people that install the plugin update are safe, those that do not are at risk.

    For this reason, it is a good idea to update plugins as soon as you can, but some people leave it days, weeks or even months with forgotten or abandoned sites. During this time, hackers may use a security flaw in a plugin to gain access.

    The automatic plugin update option might seem like a good one to enable, but think twice before you do it. Updates will most likely occur when you are not around, such as when you are asleep and if there is a compatibility problem with your site, a plugin could take it down. It might be down for many hours before you discover it. you might even be away on holiday or a trip for a week or two.

    For this reason, automatic updates are not a good idea. Update plugins manually and test your site straight after to make sure it is OK. It almost certainly will be, but you never know. You can also run a backup before updating a plugin so you can undo the update if it is not right.

    Wordfence has a good article on the subject of automatic plugin updates for WordPress and it is worth reading.

Viewing 1 post (of 1 total)
Reply To: WordPress can now auto-update plugins, but should you?
Your information: