Why You Need to Update WordPress

Did your website ring in the New Year, or is it stuck in 2014?

It is important for your website to begin this year with the updated version, and thanks to WordPress, the first major update to WordPress 4 was released a couple of weeks ago.

If you’re a typical business, keeping WordPress updated probably isn’t a top priority. You have clients to meet and work with, you attend professional training, and you try to maintain a work/life balance. For these reasons, WordPress updates get pushed to the back burner for many businesses.

How many WordPress sites need updates?

A month after the release of WordPress 4.0.1, I conducted a study to see how many websites had yet to update WordPress. For my sample group, I pulled from a wide selection of industries and limited my sample to websites of businesses currently in operation.

To say that I was surprised at the results is an understatement. Of the 1,616 sites inspected, 428 (26.49%) of them were running outdated versions of WordPress.

WordPress Update Stats

While several WordPress sites had updated to WordPress 4, there still existed a large number of outdated WordPress installs in my random sample group. Especially troubling are the number of pre-3.9 sites, 267 or 62.97% of outdated sites. This means that these websites haven’t received any maintenance nor security updates in over a year.

What about automatic updates?

I spend a good portion of my day talking with businesses that are either currently using WordPress or want to use WordPress. For the businesses that are already using WordPress, we normally talk about updates. What I’ve realized is that most WordPress users think that their sites are always receiving updates because of the automated update capability.

With WordPress 3.7, WordPress gained the ability to automatically apply security updates as soon as they’re released. This was a major step forward for WordPress users because patches are applied automatically to keep WordPress secure. Sounds great doesn’t it? It is great, but there’s a catch.

WordPress doesn’t automatically apply major updates (e.g. 3.7 to 3.8 or 3.9 to 4.0). You only get the minor security updates (e.g. 4.0 to 4.0.1). In the short term this keeps your site secure. But in the long run your site’s version of WordPress will no longer be supported and your automatic updates will stop.

What’s a minor or major update?

Minor updates are just that, minor. They are released to address a bug or patch a security vulnerability. You’re not going to gain any new features, and the only changes to code will be to address bugs and security so there’s no way your theme, plugins, or custom code will stop working. Minor updates are like WordPress 4.0.1.

Major updates are very different. These are updates that include new features, make WordPress faster, and if it’s released at the end or beginning of a year, you’ll also have the annual default theme installed. Major updates can also include updates to WordPress code that can break plugins or themes that haven’t been updated in years.

If you want to have the most secure WordPress site possible, you need to update WordPress with each new version that’s released. Automatic updates take care of the minor updates, but major updates will require a visit to your dashboard.

Updates might break my plugins!?!

It’s possible, but let me give you some background info before you decide to never update WordPress again. WordPress has been around since May 2003. How much has your business changed in 12 years? Think about how much technology has changed since then.

To keep WordPress modern, sometimes it’s necessary to remove or replace old code. These changes keep WordPress fast, responsive, and in-line with modern web best practices. When the Core development team makes the decision to remove a function, it doesn’t happen overnight.

Removing a function from WordPress takes years. So while it is possible for a major update to break a plugin because it uses old code, that’s a plugin that you don’t want on your site anyway. If a plugin that provides core functionality to your site hasn’t been updated in over a year, it’s time to look for a new plugin.

So unless you’re running an old plugin that needs to be replaced, you don’t have anything to worry about when updating to a new major version of WordPress.

What if I don’t have time (or don’t want) to make updates?

One of my favorite sayings is, “We all have the same 24 hours in a day, but it’s up to us to decide what we do with them.” It’s my favorite saying because it’s so true even if I have to repeat it to myself often. If making WordPress updates isn’t how you want to spend your time or if it doesn’t fit in your 24 hours, you have another option.

A few months ago, we opened sign ups for our WordPress Support & Maintenance service. Support clients have their WordPress updates handled by us, so they never have to worry if their site is updated and secure.

But we don’t just manage WordPress updates. Themes and plugins are also updated so that bugs and security patches are applied as soon as they’re available. Plus our clients get access to our development team to make changes and updates to WordPress whenever they need them.

Conclusion

WordPress has a major release every 3-4 months and often a couple of minor releases in between. To keep your WordPress site secure and have access to the latest features and performance boosts, you should always update.

Most WordPress updates are as easy as clicking “Update WordPress”. But if supporting and maintaining WordPress isn’t your idea of fun, we can help. Just take a look at our support plans to see how we can take care of your website.