6 Smart Ways to Handle WordPress Plugin Updates

WordPress plugin updates are generally good for your site… at least when they work properly and don’t crash the whole thing.

In other words, your WordPress plugins – especially if you have many – might need some update management, whether you like it or not.

Here are a few questions to ponder: (1) Should some of your plugins be auto-updated? (2) Should all of them? (3) Are some significant enough that you should review an update or even decide whether it should happen beforehand? (4) Should you update as soon as an update is available?

Those are not easy questions, but in this post, I’ll try to make it all a bit clearer. Here’s how to effectively manage your WordPress plugin updates and the free tools that will help you do so.

Why it’s important to update your WordPress plugins

Let’s start with the basics. Plugins are a great way to expand your site’s functionality, and you know that. However, they need regular updates to maintain a good user experience and keep your site secure.

Outdated software can provide a backdoor to your site for those with malicious intentions. Often, software vulnerabilities become known to hackers, who then exploit the plugin to gain access to your site and its database.

In fact, plugin vulnerabilities are the most common cause of WordPress hacks. Updates help mitigate this risk.

Plugin updates typically include patches for known vulnerabilities, which can increase your site’s security. They may also contain fixes for other errors.

Plus, most developers release updates with enhanced code to help make your site lighter and faster. These updates can also include new features that add more functionality to your site.

How to manage WordPress plugin updates

Here are my top six tips to help you manage your updates effectively:

1. Decide what to update automatically

Not all of your plugins are safe for automatic updates.

I wouldn’t update any of these automatically:

• Page builders: Elementor, Divi Builder, Brizy, or any others you use. These plugins deeply affect your site’s front-end rendering. Updates can change CSS, layouts, or widget behavior. Depending on how much custom code you’re running, a page builder update can create a real mess.
• Your ecommerce plugin: WooCommerce, EDD. This is serious – it’s your business. These plugins have many moving parts. They handle checkout, pricing, taxes, orders, and more. You don’t want any hiccups in these areas after an update.
• Plugins that modify database structure or content: ACF, Toolset, etc. I wouldn’t risk any data loss, broken templates, or missing content.
• Theme-bundled plugins. Many themes now come with helper plugins. I generally wouldn’t update them if I’m not updating the theme at the same time.

Now, this doesn’t mean I wouldn’t update the above plugins at all. I’m just saying that I wouldn’t risk updating them automatically.

So what can you update automatically?

Try these:

• Any plugins that serve as a connection layer between your site and a third-party solution. Think of plugins connecting you to Google Analytics, your email marketing tool (newsletter, SMTP), Google Site Kit, etc. Update them to ensure that whatever they’re connecting to can work properly.
• Security plugins. Some might debate this, but I think it’s generally a good idea to update these right away, as they might come with features highlighting new issues found in WordPress and helping you stay safe.
• SEO plugins. You want to be up to date with any changes in Google schema and the tens of different SEO tags that are currently trending.

“How do I update plugins automatically?” I hear you ask.

By default, WordPress will not update your plugins automatically, but you can tell it to.

Either click any of these links next to the plugins you want to update automatically:

Or, you can make it easier on yourself and install the Updates Manager plugin.

After installing and activating the plugin, go to its panel (Settings → Updates manager). There, select this option:

Click on Save in the top right corner.

Next, go into the Plugins tab. There, you can pick which plugins you want to update automatically and which ones you want to keep on manual updates:

You can set this on a plugin-by-plugin basis. And, if you want to for whatever reason, you can even disable updates for certain plugins completely.

Note: Not sure if you want auto-updates at all? Here’s how to disable them completely.

2. Use a staging site to test plugin updates

If you’re unsure whether it’s safe to update an important plugin – something like WooCommerce, your page builder, or anything else from the “careful” list above – you can perform the update in a “playground.”

I’m talking about a staging site. A staging site is basically a copy of your website that can be used to try out new things without impacting the main site.

Since your staging site isn’t accessible to the public, you’re able to apply these changes in private without affecting the user experience. Plus, your live website will remain unaffected should anything go wrong.

Most quality WordPress hosting providers offer staging sites with their hosting plans. Otherwise, the easiest way to create a staging site is to use a plugin like WP Staging.

It’s quite easy to use. Just install, activate, and you’ll be able to create a staging site with a couple of clicks.

3. Set your policy for WordPress core updates

By default, WordPress will update itself – the core, I mean – whenever a new “minor” security or maintenance update is available.

This is usually okay, but it’s much better if you are the one in control and decide whether you want them or not.

You can do this easily with, again, the Updates Manager plugin.

When you go to the plugin’s settings, you’ll see this dropdown next to the “WordPress Core Updates” label:

• Disabling updates will disable all core updates completely; you won’t even be notified of a new update (not advised).
• Disable auto updates means that nothing will be installed automatically, but you’ll have the option to approve updates manually.
• Allow minor auto updates – this is WordPress’s default setting, as I said above.
• Allow major auto updates – this basically means that every new WordPress update will be installed on your site automatically (it’s still mostly okay to do this).
• Allow development auto updates – WordPress releases many in-between updates to test out super-new features and help with development. Selecting this will have them installed automatically. Don’t do this unless you want to mess up your site.

Click on Save in the top right corner when done.

4. Roll back problematic plugin updates

In the event that a plugin update went not exactly right and you’re not happy with how your site works right now, you can still roll the update back and reinstall the previous version.

Note: If the update has broken your site and you’re not able to access your dashboard at all, you’ll first need to deactivate the plugin manually. To do this, you’ll have to access your site files through cPanel or FTP and turn the plugin off there. Here’s a video tutorial if you’re facing this problem right now:

If the update went only slightly wrong – not completely wrong – then you can roll the update back quite easily.

Use a plugin called WP Rollback.

It’s really easy to use. After installing it, you’ll see these links next to every plugin on your site:

After clicking it, you’ll get to pick from all the plugin versions ever available:

All you need to do is select your preferred version and click on Rollback.

5. View version details before updating

Just so that you know what you’re actually updating to, it’s a good idea to check the changelog of the update. You can do that when you click on View version details next to the plugin update link:

This way, you can see all the changes that the developer has made to the plugin. Any fixes, new features, and important notes will be there. For example:

6. Have backups in place

Should this be #1? Probably, but I also feel that this is fundamental enough that most users will already have backups in place. Right? RIGHT?!

Let’s just pretend that you don’t have this taken care of yet. So:

The good thing about backups these days is that most web hosts will handle them for you. SiteGround does this, Bluehost too. Meaning, just by virtue of hosting with these companies, you will have backups made automatically for you every day.

That way, should anything go wrong, you’ll be able to restore your website to a previous version.

This is especially important if you’re running updates on a live site. If you hit a bad update, your website may crash, and you can lose out on traffic and revenue.

If your host doesn’t provide updates, then just install a plugin like UpdraftPlus.

With this tool, you can create fresh backups and restore your site in just a few clicks. It enables you to back up WordPress files, database tables, plugins, and themes, and store them in your preferred location. Better yet, you can automate the process, scheduling backups hourly, daily, or weekly.

Here’s our step-by-step guide on how to set it all up.

Conclusion

🔌 To recap, here are six tips to manage WordPress plugin updates:

1. Decide what to update automatically
2. Use a staging site to test plugin updates
3. Set your policy for WordPress core updates
4. Roll back problematic plugin updates
5. View version details before updating
6. Have backups or a plugin

Do you have any questions about WordPress plugin updates? Let us know in the comments section below!

FREE GUIDE

4 Essential Steps to Speed Up Your WordPress Website

Follow the simple steps in our 4-part mini series and reduce your loading times by 50-80%. 🚀

Site Speed Guide - Below Post

Your Email *

Subscribe to our newsletter

Subscribe to our newsletter

FREE ACCESS

If you are human, leave this field blank.

Δ