Updating the WordPress core first and then the plugin or even clicking the update them button may look overwhelming for many. In reality, there are many incompatibility issues and version releases changes that can break the WordPress theme and so, the site will stop working by showing a blank page or no access to the admin area, or long lines of error codes here and there.
For those who don’t know what to update first in WordPress, the core, plugins, or theme, this will be the definitive guide on how to safely update WordPress blogs and never lose content or even risking the design. So, let’s understand these changes.
What are WordPress core updates?
Unlike any software versioning WordPress has Major and Minor releases only:
WordPress theme updates
WordPress theme updates are linked in the majority of the cases to new features added by the developer or the web design company that sells these designs. So, it can be just a new tool added in the theme dashboard, a new improvement, or other things like performance-related updates and so on. But also, these theme changes can address the latest WordPress core file changes, so, they’re changes to meet the new WordPress file requirements, functions, etc…
Them updates are not frequent like plugin change or WordPress core file updates, that’s why many themes are stable and pushed new releases once a year or so, to avoid issues.
Unlike themes, WordPress plugins are known for causing the majority of error messages and showing strange error code if are not compatible with WordPress’s lest version. Besides the fact that plugins are good for every blog or site in WordPress, there are also cases when adding dozens of them can cause lots of issues.
WordPress plugins are PHP files basically, and if you consider MySQL and PHP request altogether, you’ll understand that having a bad code could cause fatal errors to the site and make it work slowly in the best scenarios. Now, talking about plugin updates, they’re sensitive, so, if there is a security release, you should click the update button, messing with outdated PHP files is not good for your site.
Now, for third-party plugins that come included in a theme, there is a big issue with updates, Visual Composer (previously) or Slider Revolution and Smart slider are largely used by freelance theme developers and agencies who built themes for clients. So, as a client, you don’t have to purchase a separate license for many useful tools, however, because theme sellers do not update their list of bundled plugins regularly, you may get notifications in WordPress to update plugins like
WPBakery Page Builder, Essential Grid, UberMenu, or others. Unfortunately, there is no way to get the latest version of these tools unless you wait for the web design company to add it, for that reason, skip the update and if you should do that, contact their customer support and tell them there is a new version available, and the can help, otherwise, it’s not a big deal.
How to update a WordPress plugin bundled in a theme?
No matter what theme you’re using, most premium WordPress themes come with plugins includes like slider Revolution, so, if you see that an update is available, here is what you can do.
- Login to the account where you purchased the theme
- Download all the files again
- Unzip the theme files
- Browse the files and look for a folder related to plugins or extensions
- Find the exact plugin in question, and remove the old one and then, add it or use the FTP method
Here is an example of a plugin that a theme WordPress theme development company included in the download files, so, users can add the plugins update from there if they want.
Versioning WordPress release
As a software WordPress uses versioning to keep track of the different changes, there are major changes, minor changes, and something in the between that you can call sub-minor release or revision.
The WordPress versioning release is not the same as plugins and themes, indeed, they call a third sequence release (example (5.4) a major release, and (5.5.2) a minor release. There are no patch security or dedicated versions to fix bugs, they do all together in one revision.
Now, here is what version men in WordPress plugin, and themes:
The version of any software is a form of 3 or more numbers separated by a dot: example 1.3.4 and from left to right in the example above, changing the version from 1 to 2 is a major release, that means drastically or partially different files and other code that may not work if you change plugins or the theme. The second number “3” for example is a minor version release, so, it can be important in performance, speed, or security but it’s not big enough to be considered like a major WordPress release or update.
The last number (it’s just an example, some plugins have a long version with micro revisions, like 220.127.116.11) means a revision realizes that comes with bug fixes, problem-solving, etc…
Will updating WordPress break your site?
Definitely yes, if the WordPress version and the theme code are not compatible, here is the worst scenario which personally I encountered many times before. You have a good them you purchased from any popular marketplace such as Themeforest or other, and the developer pushed the last update 4 years ago which is awful.
Now, when WordPress has the Fifth version (5.) there are many changes in the core file, including the comments template that was changed, so, people won’t able to add their comments on posts. Of course, the theme developer may be out of business at that time and he’s not willing to do all that hard job and release a new version compatible with WordPress’s latest changes.
When you click on the update button for WordPress core or the theme, the site will start installing the new code and surprisingly, you’ll get a white screen of death, or no updates at all, which means the theme failing the push the new files or the admin will be locked out of the dashboard and won’t be able to log in again unless he does some tricks and deal with FTP, etc…
Updating the WordPress core or plugins first?
The truth about WordPress updates is this: There are hundreds of updates per year, so some of them are minor changes and some are security updates. So, as a reaction, plugin developers should also follow the latest updates and fix any vulnerability or problem related to the old WordPress files they used.
Thus, plugin updates, in general, are reactions to the WordPress core changes and releases. That means, updating WordPress first or the plugins first can easily break your site or them and make it inaccessible for some time.
Now, not all the updates break WordPress sites, of course, however, in many cases, when a plugin developer is using old WordPress functions that have been updated, and the webmaster clicks the WordPress update buttons, there will be a fatal error in the admin area and the site pages which is not the best way to manage a website and look professional.
How to know if they’re WordPress security updates?
WordPress is not popular because it’s a blogging platform that millions of people use and like, but also, because there is a big company behind that software. So, there are thousands of developers from all the continents who fix a bug and make WordPress work better, and most importantly, there is a dedicated changelog page for all the WordPress versions from the beginning (2003) until now with detailed explanations and issues that were fixed.
Here is how to know if a WordPress update is related to security or just a general update that you can skip for some time.
- First, visit the WordPress versions page in the codex platform, and you’ll find long lists of codes followed by dates and names.
- Scroll to the bottom of the page to find the latest versions( the tom ones are the oldest versions, the new version on the bottom of the page)
- Click on the Blog link and you’ll get all the detail related to the version changes
On the next page, there are the WordPress 5.3.2 Maintenance Release notes, there are no updates related to security.
As you can see, it’s not a major update, so, it’s better to wait until developers update their plugins and themes to be compatible with that version, then, in two weeks or so, it will be safer to update WordPress plugins, code, and theme without issues.
Is updating WordPress safe?
On the other side, if there is a security release like the next screenshot for the version WordPress 5.3.1 Security and Maintenance update, then, it’s better to click on the update button for code files.
If you skip that WordPress version, there is a risk of being hacked or getting vulnerabilities because attackers always try to target old versions with bugs.
How to find the details about a plugin version update?
Before clicking on the update plugin button in WordPress, I recommend checking the version first and see what all that change is about. When you’re in the admin area, click on the Updates icon on the top left corner of the page just next to your blog title, or click on the plugins menu from the left admin menu (vertical).
Next, there will be the exact plugin name to be updated and a link to its version details or changelog file. You can click on that and check all the release details about a WordPress plugin before updating it.
Now, you’ll get a popup with the changelog of that plugin and other details to check. If there is any mention of security, then, it’s better to update it and bring all the new code, so, your blog will be secure. Otherwise, it’s not the time to update the plugin if there is no need for that, anyway, the developer will add other updates because the community of users will find bugs and report them, so, it’s always possible to have the latest version of a plugin, but with its bugs and that’s not a good step.
Exactly as dealing with WordPress theme updates, you don’t have to click on every new release update if it’s not crucial in terms of security.
Every time you see a notice in your WordPress admin are saying:
There is a new version of (them or plugin name) available. View version 13.1 details or update now.
You should click on the version details link first, read them and then decide if you really should update them or not. Most of the WordPress plugin updates are bug fixes, and waiting for a week or two won’t cause any problem in general.
How to find the WP theme update and details?
Exactly as plugins, when you see an update note in WordPress linked to your site theme, you can click the version details to learn more. That can take you to the theme marketplace from where you purchased them or to the official website of the company that designs it. In the two scenarios, there should be a file of all the versions especially the new ones with details on what they did and what these changes addressed.
For ThemeForest theme, for example, you can find the theme release notes at the bottom of every theme page like the next example in the screenshot.
If you don’t see a major release note, and you don’t want the new feature they added, it’s safe to no update the theme, but not for years, so, if there will be no other release in a month or so, you can update if you want to test the site.
Updating WordPress a theme is not good all the time
Not all the WordPress themes check updates automatically and if that’s the case, you should never allow them to install the new version without letting you see what that charge in files is about first. As I said earlier, there is no guarantee that making changes to the theme files will be good for your site, the theme developer or the company may add new features and options because clients asked for them, but if you don’t need them, they’ll just make your site slower even if that’s not noticeable.
I remember theme update that was about adding Woocommerce support for a theme about blogging, before the update, them and site work fast, and just after installing the new updates, the site worked slower and there was all the kind of problems in WordPress.
That’s just because Woocommerce itself is not a small step, the Woocommerce plugin is full of files and so, the theme itself should be compatible, and thus, installing a WordPress that comes with Woocommerce files should not be good if you don’t use them at all.
If you think that your blog theme includes all the Woocommerce files, you can ask your theme developer, if it’s safe to remove them to make the site work faster, and don’t forget that you should always use a child theme in WordPress and not the parent one. That ay, if the theme developer pushed a new release, you’ll not lose all the customizations and files, the child they request files from the parent theme, and you sit will work the same way.
A safe way to update WordPress plugins manually
Updating WordPress plugins manually is somehow a safer way to get the function your site needs or to roll back an old version. So, to do that, start by creating a backup for your WordPress database, and don’t skip this step no matter what you think and no matter what web host you’re using.
Not having a backup for your site is the last thing you need if the site stops working for any reason or error. So, go to the PHPMyAdmin interface, select the date of your site and click on the Export option. Or download a backup from your web hosting account if you have one or use a plugin that creates a backup and sends it to your email or cloud storage account. I’ve created a guide on how to create a database backup for WordPress sites, so you can check it out and follow the steps.
Now, it’s time to think about updating WordPress plugin manually using FTP, SFTP, or directly from the admin area.
To manually add the new version of a WordPress plugin, you have two options:
- Remove the old plugin file completely and then, install the new one
- Just let an FTP software upload the modified plugin files only without removing them all
In both cases, you have to think about what will happen if the new plugin version doesn’t work? So, you need access to FTP software like Filezilla or Cyberduck if you’re using Mac. If you’re locked out of the admin area in WordPress because of a plugin update, you still have the option to remove the plugin and add the old one.
Update a WordPress plugin from the admin area
Now, this is a very important step, don’t skip it, download the actual plugin from your WordPress dashboard in ZIP format. There are two good plugins for that:
The first tool lets you save any plugin to your local computer exactly like downloading it from the WordPress directory
The second one lets you download a theme and also a plugin in WordPress, so, you may choose this one if you’re willing to update them manually later.
After saving the plugin folder to your local machine or elsewhere, click the deactivate option under the plugin you want to update and remove it, then, look for the folder in a ZIP file (or create a new one) with the latest version of the plugin you want to install and add in WordPress.
Update a WordPress plugin using FTP
If you’re not able to install a plugin for any reason or you don’t want to mess with WordPress admin, you still have the FTP tool that should be easy to use.
Make sure you save the plugin folder locally in your machine, so, you can upload all its files all together with FTP or SFTP if you’re using a managed WordPress hosting and a VPS. When you’re connected to your site using FTP you should upload all the plugin files to this exact path:
wp-content/plugins, so, find the directly named
wp-content first, it’s in the same place where
wp-includes are located.
Then, open wp-content and find the folder called plugins, double click on it to open, and thus, you find all your blog plugins, again double click on the exact plugin you’d to update, and when you’re in its dedicated folder, open the plugin folder you have locally and drag and drop all the contained files to the remote server.
Next, you’ll get a notification to overwrite the duplicate file, agree and thus, you’ll update the plugin manually via FTP.
This is all for this guide on how to update WordPress plugins and what comes first, the core, themes, or just skip to the next version. If you have something to add, use the comment section below and let me know what works best for you and what you think.