In the last week – I have updated a number of out of date WordPress sites for clients. Some were running WordPress before version 3 (which came out in June 2010 – over 2 years ago). Others were only a point release or two behind. Many clients are nervous about updates, while others want to update every six months. In reality – not keeping up to date should make you more nervous about updating your site and scheduled updates – while they sound nice – do not always work.
Thankfully the reason for all the recent updates were not because of any hacks – the important lesson here is that it is essential to update as soon as possible. Not only will your site be more secure but updating a point release at a time is a lot easier than updating a site from several versions back. Things change, code improves, other code depreciates. Updating your version of WordPress is a lot less painless when you do it often and regularly vs. in an emergency because of a hack.
While updating WordPress is essential – so is keeping up to date with plugins. I recently was brought in to assist with an upgrade which had an outdated version of WordPress along with over 40 plugins that were out of date. (Yes – 40). While most people often “do not want to rock the boat” with plugin updates – these updates are also essential. Plugins also contain security updates which are important.
If you are serious about your web presence – take some time to update WordPress and the plugins as the updates come out. If you are concerned that an update might break some custom functionality – create a backup first and then update. If anything goes wrong – you can always go back to what you had right before the update. If you do not want to worry about updates – consider moving to a WordPress host like WP Engine – who will take care of WordPress updates for you.