WordPress is a software. And like any software, you need to have the most current version. They apply fixes and patches all the time on software, so to keep hackers working hard to get into your site, please keep it updated. Now sometimes hackers will still get in, but make them work for it instead of just giving them the keys. Keep your WordPress version up-to-date as much as possible.
Now on to the fun stuff. One thing to keep in mind if you are not comfortable with FTP, cPanel and a little bit of database tables is that you can hire a WordPress developer – like iDesigns – to do this update for you. If this is not done right, it can really mess up your site – and possibly even cause your site to be down for awhile – which in the end will cost more to hire a company to get the site back online.
Here is a brief list of everything I do when upgrading our clients’ sites. There are more details to the upgrade process that you can read below from the codex site.
- Download all theme files and I even download all core files too.
- Download all plugin files and disable the plugins before the update.
- I even do a quick export function of my sites posts, images and content.
- Go into your hosting account and make a backup of your database using the cPanel or PHPWebAdmin panel.
- Once this is all done, try the simple upgrade to new WordPress message in your wp-admin panel.
- If that does not work, then we perform a manual upgrade to the WordPress system.
These are the short instructions, if you want more check out the extended upgrade instructions. If you experience problems with the Three Step Update, you may want to review the more detailed upgrade instructions
For these instructions, it is assumed that your blog’s URL is
Step 1: Replace WordPress files
- Get the latest WordPress zip (or tar.gz) file.
- Unpack the zip file that you downloaded.
- Deactivate plugins.
- Delete the old
wp-admindirectories on your web host (through your FTP or shell access).
- Using FTP or your shell access, upload the new
wp-admindirectories to your web host, overwriting old files.
- Upload the individual files from the new
wp-contentfolder to your existing
wp-contentfolder, overwriting existing files. Do NOT delete your existing
wp-contentfolder. Do NOT delete any files or folders in your existing
wp-contentdirectory (except for the one being overwritten by new files).
- Upload all new loose files from the root directory of the new version to your existing wordpress root directory.
NOTE – you should replace all the old WordPress files with the new ones in the
wp-admin directories and sub-directories, and in the root directory (such as index.php, wp-login.php and so on). Don’t worry – your wp-config.php will be safe.
Be careful when you come to copying the wp-content directory. You should make sure that you only copy the files from inside this directory, rather than replacing your entire wp-content directory. This is where your themes and plugins live, so you will want to keep them. If you have customized the default or classic themes without renaming them, make sure not to overwrite those files, otherwise you will lose your changes. (Though you might want to compare them for new features or fixes..)
Lastly you should take a look at the wp-config-sample.php file, to see if any new settings have been introduced that you might want to add to your own wp-config.php.
Step 1.5: Remove .maintenance file
If you’re upgrading manually after a failed auto-upgrade, delete the file .maintenance from your WordPress directory using FTP. This will remove the “failed update” nag message.
Step 2: Update your installation
Visit your main WordPress admin page at /wp-admin. You may be asked to login again. If a database upgrade is necessary at this point, WordPress will detect it and give you a link to a URL like
http://example.com/wordpress/wp-admin/upgrade.php. Follow that link and follow the instructions. This will update your database to be compatible with the latest code. You should do this as soon as possible after step 1.
Step 3: Do something nice for yourself
If you have caching enabled, your changes will appear to users more immediately if you clear the cache at this point (and if you don’t, you may get confused when you see the old version number in page footers when you check to see if the upgrade worked).
Your WordPress installation is successfully updated. That’s as simple as we can make it without Updating WordPress Using Subversion.
Consider rewarding yourself with a blog post about the update, reading that book or article you’ve been putting off, or simply sitting back for a few moments and letting the world pass you by.
Your update is now complete, so you can go in and enable your Plugins again. If you have issues with logging in, try clearing cookies in your browser.