A Beginner’s Guide to Safely Updating Your WordPress Website

Hand reaching through a glowing computer screen to tap the keyboard

How do you update and maintain your WordPress website? Here’s a Beginner’s Guide so you can confidently tackle the essential maintenance for WordPress.

You have a shiny new website as exciting as a new car. It’s full of the wonderful new car smell, and your hopes and dreams for your business future. But like a new car, websites take care, maintenance and occasional repair when things go pear-shaped.

But how do you update and maintain your WordPress website?  Here’s a Beginner’s Guide so you can confidently tackle the essential maintenance.

A WordPress website is made up of three main parts.

  • WordPress: The engine that drives your car.
  • Themes: Themes give your site a particular look and feel in the same way your car make, and the model gives your car a particular look and feel.
  • Plugins: These give your car extra functionality or super fancy looks (think of things like ABS, a sun-roof or anti-rust treatment).

How do you know when you need to update your website?

When you log into your WordPress website, near the top of the column on the left hand side of the screen, will be a red circle with a number in it. The number tells you how many updates are waiting for you to run.

WordPress dashboard showing number of updates.

If you click on the link that says Updates, you will be taken to a page that shows you what updates needs to be applied.

WordPress Updates Page

While this works well if you are in the habit of logging into your site, an easy way to know what needs to be done is use Wordfence security on your website and set it to notify you if any updates need to be run by choosing the Email Alert Preference to notify you with scan results of this severity level or higher – set it to Medium.

Wordfence Alerts showing medium.

How often do you need to update your website?

In any given week, at least one of these parts of your website will have a patch or update issued. In many cases, there are multiple patches or updates that need to be applied each week.

Unless you are on managed hosting, these updates are not automatic and require the website owner or manager to run the updates for the site manually.

Why do WordPress plugins and themes need to be updated so often?


Each of these parts is created by different companies or through open-source collaborators. When the WordPress team updates something in their code, the theme and plugin companies need to review their code to make sure that it will still work with the updated WordPress, and then they release a patch to update their plugin or theme.

Because there are tens of thousands of different themes and plugins on the market, they won’t always play nicely together. When people report a conflict, then the theme and plugin developers figure out the problem and then release a patch to their code to fix the issue.

Unfortunately, some patches fix one problem and create unintended other issues. Which means everyone goes for another round of patch fixing.

Extra functionality

Good developers add functionality to their themes or plugins. Some functionality additions are minor, but other additions are major reworks of the code.

Where there is a major rework, there is a huge chance that there will be unintended bugs in the code somewhere or conflicts with other plugins and themes. This triggers a cascade of bug fixes throughout the WordPress ecosystem.


Speed is the new online currency, and most good developers are constantly working on ways to reduce the load time of their plugin or theme. Many patches are designed to speed your site up.


Hackers are an ever-increasing presence on the web. They constantly probe for security gaps and flaws in the code as a way to gain access to websites. As a security vulnerability is identified, WordPress, theme and plugin developers race to issue patches to stop the problem.

Why you need to update your plugins

Handy Rules Around When You Need to Update Your Website

It helps to understand some key rules about updating your website.

  • If it is a critical or high-security patch update, then run the update within one day of the patch being released.
  • If it is a medium security patch update, then run the update within one week of the patch being released.
  • If it is a minor feature update, then run the update within 30 days of release.
  • If it is a major feature update, then wait for the first minor patch release to pick up any conflicts first before updating (or at least a fortnight until any bugs have been identified).
  • If it is a conflict update, then run the update within 30 days of release.

How do you know if it is a major or minor or security release?

1. Look at the version

Every software developer follows a basic numbering protocol to flag whether a revision is major or minor. Here are some examples of what you are looking for:

11.0.0 – This is a major update. It has significant code changes. Generally, wait until the first patch appears before updating (or at least a fortnight until any bugs have been identified).

11.1.0 – This is a significant update to the major version.  Generally, wait until the first patch appears before updating (or at least a fortnight until any bugs have been identified).

11.1.1 – This is a patch and is generally safe to update. Read the release notes to see if there are any security patches that need to be applied.

2. Look at the release notes

Every release contains notes from the developer about what has been updated. Look at the notes to see what specifically has been changed, and if there are any security patches.

To see the release notes, click on the view version xxxx details link in the plugin update section.

Release notes link in WordPress updates.

Here are some excerpts from Yoast’s release notes, so you get an idea of what is included:


Release Date: April 16th, 2019

We’ve made huge changes to the schema.org markup we output, adding multiple different types of Schema.


Release Date: April 30th, 2019


  • Improves how we generate the image parts for the Schema output.


  • Fixes a bug where the position of the buttons in the FAQ and How-To structured data blocks was compromised when running the development build of Gutenberg.


Release Date: May 6th, 2019


  • Fixes a bug where an empty width and height would be outputted in the image schema when there was no retrievable width and height.

    Which plugins/themes cause the most problems on updates?

    There are some categories of plugins that are more likely to create a problem on updating, and which mean you need to check your website carefully after updating them to see if it looks/acts the same way after the update.

    • E-commerce plugins
    • Event calendars and ticketing
    • Membership plugins
    • Pop-up generators
    • Caching plugins
    • Sliders & gallery plugins
    • Directory plugins
    • Any paid plugins or themes.

    How do you update your WordPress Website?

    First a word of caution: If you haven’t updated your site for some time, test things out on a staging or test site first and not on your live website (see below).

    Read more: Should you auto-update your website?

    1. Backup your site

    Always run a backup of your website before running any theme or plugin update.

    The paid version of UpdraftPlus has a super handy feature where it allows you to automatically run a backup before doing any updates to plugins or themes. That is worth the cost of the subscription alone as it is super easy to forget otherwise.

    Updraft Plus auto update feature.

    Other good backup options include Backup Buddy and VaultPress.

    2. Update Your Plugins first

    While there is a debate about the exact order to update your site, what I have personally found is updating plugins first reduces conflicts between changes to WordPress and your themes.

    I prefer to manually update plugins one at a time, checking the home page, blog page and a form/directory page after each update to make sure it looks the same.

    By updating one at a time, you also reduce the risk of triggering the “Stuck in maintenance mode” problem, where the site doesn’t update correctly, and your site shows the message “Briefly unavailable for scheduled maintenance. Check back in a minute.”

    Always update WooCommerce extensions BEFORE you update WooCommerce.

    To update, tick the box next to the plugin you wish to update, and then click the update plugin button.

    How to update a plugin.

    Wait for the successful update messages to run through. Don’t click away until you see the All Updates have been completed message, and the links to take you back to the plugins page or the updates page.

    Successful update message.

    3. Update Your Themes

    Your web developer should tell you if your theme is a paid one, and when the license runs out. Most paid themes only have a 12-month licence, and you need to pay each year to keep getting the updates.

    I have bought lifetime licenses for all my client sites, so they don’t get hit with annual fees to maintain their Divi theme.

    To update, tick the box next to the theme you wish to update, and then click the update plugin button and wait for the updates to run through to successful completion.

    How to update a WordPress theme.

    4. Update WordPress Last

    Finally, update WordPress.  

    How to update WordPress.

    This may take a bit longer to run, and on completion will take you to WordPress page on your website that explains what the latest change to WordPress means.

    Successful update of WordPress.

    5. Clear Your Cache

    Always clear your cache after every update to make sure that any changes have been correctly reflected in the front of the site. Often many perceived breaks are just a cache that hasn’t cleared.

    What should you check to make sure the updates are OK?

    After any plugin, theme or WordPress update, always check:

    • Home Page
    • Blog Page
    • A page that has a complex form on it
    • A page that has a directory on it
    • Your shop page (if you have updated an e-commerce plugin)
    • Your events page (if you have updated an events plugin)

    You are looking to see if anything looks strange, or if it doesn’t function correctly after an update.

    Do you need a test site?

    If it is a significant update to a plugin or theme, or if you haven’t updated things for some time, then it pays to test the update on a staging site first before making the update on your live site.

    Some hosting companies have staging site options built into their plan.

    If your hosting doesn’t have that option, then UpdraftClone  has a super simple low-cost one-click test site option.

    You can create a test site, update and see if anything breaks, and then delete the test site with one click before running the updates on your live site.

    What do you do if something breaks?

    It is inevitable that some update will break some functionality or design at some stage during your ownership of your website.

    You have a few options:

    Use WP Rollback and rollback to a previous version of the plugin or theme (This only works for free plugins or themes in the WordPress repository.)

    WP Rollback plugin.

    If you are using Divi as your theme, it comes with a built-in Rollback function in case one of the Divi updates breaks on your site.

    Restore your site from your backup. UpdraftPlus makes it easy to restore from their backup log page.

    Updraft Plus restore buttons.

    Contact your web host to restore from their backup. If your backup is faulty, then go to your web host and get them to restore the site from their backup. Remember, a good web host does not charge for restores. If yours does, then change hosts!

    Wait it out. If it’s only a minor inconvenience with a line looking a bit strange here or there, then you can simply wait for the next update and bug fix to sort it out. You can let the plugin/theme developer know of the bug if you are keen to get it sorted sooner rather than later.

    Contact your web designer. If things break badly and your restores don’t work, then get in touch with your web developer to see if they can debug it for you.

    What to do if your site gets stuck in maintenance mode?

    If you have tried to update too much at once, your updates may get stuck, and a message gets shown instead of your website:

    “Briefly unavailable for scheduled maintenance. Check back in a minute.”

    To fix that, go to your web hosting control panel and find the file manager.

    Go to the root folder of your WordPress website (it’s the one with the wp-config.php in it) and look for a file called .maintenance.

    Delete .maintenance file, and your site will be back to regular.

    Here’s a good article on how to find and delete the .maintenance file.

    Last thoughts

    Ongoing maintenance on a WordPress website is one of the costs you need to factor in when having a website.

    You can do the updates and maintenance yourself, in which case the cost is merely your time, or you can have someone else do it for you, in which case there is a dollar cost attached.

    We offer a range of WordPress website maintenance plans for sites we build to take the hassle out of maintaining your website.

    We take care of the maintenance for 90 days after a new website is launched for all websites we build for our clients. After that time, clients can either take over the ongoing updates or they can opt for a maintenance plan where we continue to look after updates for them.

    Whichever option you choose for your site updates, remember that websites are like cars. You need to keep your website maintained to keep it safe and humming along smoothly for the maximum possible time.

    About the Author

    Ingrid Moyle

    Ingrid Moyle is a small business web designer and copywriter. When not hardwired to her computer, she quests for the perfect decaf coffee while chasing virtual reality creatures across the backstreets of Brisbane.
    Bowler hat with lightbulb.

    Join Our Newsletter

    Related Posts