“Everything is working fine, so don’t update your site and risk breaking something!”
As the professional who comes in and fixes broken sites, I’ve heard that line so many times. What prompted me to write this post is that is that more recently I have been hearing Wed Design agencies sprook this line to their clients. Don’t update your WordPress site, its plugins or themes, in case it breaks something.
In a way, it makes sense – if it ain’t broke, don’t fix it! But there are huge risks and associated costs that come with ignoring updates on WordPress websites.
Why are Web Design agencies telling clients not to update their sites?
I have one simple theory. Its to cover their arse because they are incompetent, don’t have the skills or couldn’t code their way out of a wet paper bag. Honestly there are some people out there that sign-up for a WIX account, play around with their drag and drop builder, then get an ABN and call themselves a Web Designer.
Web Designers and Web Developers require two entirely different skills. Designers do graphics and Developers do PHP, Javascript, HTML and CSS. But as a Web Developer, I find it astounding to hear anyone advise their clients that they should never update WordPress. This is not just bad advice, but coming from a Designer this advice can be considered negligent. WordPress and other software needs to be updated.
A disturbing trend I have seen recently is the use of specific Plugins to deliberately hide warnings and and notifications for WordPress. This means if there are critical or major updates available, you will never know, because these plugins seek out and hide these notifications. This gives the impression that your site is fit and well at all times.
WordPress asks you to update a lot of things. All of your plugins need to be updated on a regular basis, and your theme as well. Even if you have plugins and themes installed but not activated they still require updates too. And, of course, WordPress itself releases major updates major every few months, and smaller updates as often as every week or so.
So if everything on your site is working just fine, should you bother with all those updates?
After all, it takes time, and there are scary warnings about backing up your site first. And what if an update breaks something!? What if the update makes confusing changes to the user interface? Its enough to make you want to run away, but yes, you absolutely should update your site!
There are several reasons why WordPress updates are so important.
New Features. This is the most obvious reason to update: updates add shiny new features to your site! Sometimes the features will be pretty exciting, sometimes you will hardly notice, but it’s always good to have access to all of the latest stuff. Granted, sometimes the new features might change your workflow a little bit. But here’s the thing: new features are introduced incrementally. That is, each version has a few new little things. So if you update regularly, you’ll just have small new things to get used to. But if you wait a long time to update, and suddenly add 6 months worth of new features to your site all at once, those changes will be much more dramatic and much harder to get used to. So you’re better off updating as often as possible.
Security. Sure, you have just a tiny little site, with hardly any traffic, so why would anyone want to hack it? The truth of the matter is, every WordPress site is a target. This isn’t because WordPress isn’t secure: it’s because WordPress is so prevalent. WordPress is 28.9% of the internet, which means there are huge payoffs for hackers who can figure out how to break into WordPress sites. Hackers don’t care how much traffic your site gets – they just want to use your site as a source for illegal activities so they can cover their tracks. The danger here is that you as the website owner are responsible for the activities that take place on your website.
What does this have to do with updates?
No software is perfect or error free. Any time an issue is found with WordPress, the WordPress team releases an update to fix the vulnerability. This applies to plugins and themes. On top of this, as security vulnerabilities get fixed, the information about the vulnerability becomes publicly available. That means that hackers know how to get into old versions of WordPress. So it is extremely important to keep your site updated to avoid getting hacked!
Wed Design agencies telling clients not to update their sites is WRONG!
No matter what, you are going to have to update someday. You can’t keep avoiding the issue and running away from updates forever, despite what some Web Agencies and Designers will tell you. If you do, some day you will get hacked. Guaranteed.
Unless you are a security expert, you will often see no tell tail signs of when it happens. You will usually find out when it’s too late. In a worst case scenario, the hacked site turns into data theft, impersonation and a clean up of your bank account. I recent worked with a client who had in excess of $100,000 taken out of their bank account. It all started with a security vulnerability on their website.
The more often you update, the less likely it is that updates will cause problems. Problems will arise if you try to skip a bunch of version numbers (for instance, if you try to update from version 3.6 to version 4.5).
I have encountered this many times. Whenever someone contacts me about issues with their site, I will check to see what plugins and themes are out of date. In many cases it’s too expensive to try and fix, and the best solution is to start all over with a new site and import the old content. For a small site, this might not be a big deal, but for complex sites, it can get very expensive.
You might think you don’t need to update because everything is working just fine right now. But in the long run, not updating will cause far more problems.
Have you been told not to update your WordPress site?