The first step toward securing your WordPress website begins with a plan to update WordPress’ core files, themes, and plugins on a regular basis. This is important because these updates may not only introduce new features or fix bugs — they may also address critical security vulnerabilities.
The problem is, many small businesses don’t realize they need to take that first step, until their website is hacked. Furthermore, most WordPress websites run in a shared hosting environment, which makes it easier for the infection to spread from website to website.
Introducing Easy Updates for All
Fortunately, the developers behind WordPress are doing everything possible to make WordPress websites more secure. For example, in 2013, a feature called “automatic background updates” was introduced as a way to optionally update WordPress’ core files without visiting the website or even logging into WordPress. In the summer of 2020, this feature was extended to include theme and plugin updates.
Yikes! Your Site is Experiencing a Technical Issue
At first glance, these unattended updates may be a dream come true for website owners and hosting companies — until something goes wrong. The fact is, an update may introduce conflicts with existing plugins and cause your website to go offline or behave erratically.
While these unattended updates make it easier for hosting companies to encourage customers to do the right thing, most of their customers have no idea what to do or who to contact when they receive an auto-generated email informing them that their “site is experiencing a technical issue”. That’s assuming the message wasn’t ignored or didn’t end up in a spam folder.
What About “Smart” Plugin Managers?
In recent years, hosting companies like WP Engine began offering “fancier” automated/unattended updates for a small monthly fee. However, if you’re not a WordPress developer, you’ll need one to interpret the fine print.
For example, Smart Plugin Manager may cause issues with custom code or third-party applications. And it doesn’t update private themes or those that require manual updates. So, if your theme doesn’t exist in the WordPress repo, chances are, it won’t get updated. And actually, considering what can go wrong during a theme update, that’s a good thing… as long as someone regularly tends to the updates that Smart Plugin Manager can’t handle.
Another thing to consider is that Smart Plugin Manager may report false positives or negatives and, ultimately, you may need to manually restore your website to a previous state… if you get the notice.
Let WPSimplifyd Worry About Your Website So You Don’t Have to
For these reasons, WPSimplifyd turns off all automatic updates, and manually updates your WordPress core files, Themes, and plugins on your live website — after a WPSimplifyd WordPress expert manually tests each update on a staging server. That said, there is more to securing your website than just updating software. That’s why WPSimplifyd installs and configures a premium security plugin and uses a variety of techniques to lock out bad guys.