Often times when running a website, individuals will only make the changes they need and neglect the general maintenance of the site, including things such as updates. As described in our article on security practices, keeping WordPress as well as any plugins of themes is critical to your site’s health.
Risks of neglecting updates
- The biggest risk you face by not keeping everything up to date is security issues. Many times, updates are pushed out to solidify the security of the code. By neglecting updates, critical security flaws can be introduced and cause issues such as a fully compromised website or allow execution of unwanted code. Simply keeping everything up to date at all times will largely prevent issues.
- Lack of compatibility is also a concern if one thing is updated, but not others. For example, if you updated WordPress to the next major version, but not Gravity Forms, you can sometimes run into bugs as something Gravity Forms may have been using in the older version, may not be present or changed in the newer version.
- A large majority of the code placed in minor updates, is simply to correct a bug that may exist. Failing to update your plugins can expose you to those bugs and sometimes lead to an overall poor experience.
Keeping everything up to date
- Check for updates often. Simply logging into your WordPress admin dashboard and checking to see if updates are available will greatly assist you with keeping everything up to date.
- Add license keys for Gravity Forms and other premium plugins. Without a valid license keys saved in the plugin settings, WordPress is unable to check for updates on your behalf.
- Use a management tool. If you have multiple sites that you need to maintain, logging into each of them daily to check for updates can be a bit of a pain. Tools such as WP Remote can allow you to check multiple sites for available updates with a single click of a button.
- Enable automatic updates. What’s better than logging into sites daily to check for updates? Automatic updates! The WordPress codex has an excellent article on enabling automatic updates both within WordPress core, as well as for plugins. You can find it at the Enabling Automatic Background Updates article.
Maintaining updated software by far one of the most important aspects of running a successful website. With the knowledge you have gained in this article, you should be able to easily maintain current copies of all software running on your site.
How Automatic Updates Work?
The background updates setting on the Forms > Settings page is synchronized with the enable/disable auto-updates link on the Plugins page.
As of version 2.7.1.1, WP-CLI commands for managing plugin auto-updates are supported.
Update Types
• Hotfixes: Not available via auto-update. You will need to install them manually.
• Minor Versions: Updates (e.g., from 2.7.1 to 2.7.2) will install automatically when auto-updates are enabled.
• Major Versions: Updates (e.g., from 2.6.9 to 2.7) will not install automatically but are available for installation through the WordPress or Gravity Forms updates pages.
Note: Not all sites will receive updates simultaneously; updates may roll out gradually to ensure stability.
Caching Considerations
Update data is cached for one day to limit requests to our API. The download URLs for updates have a two-day lifespan. If a site employs a caching or optimization solution that causes the cached update data to persist longer than intended, it may lead to installation failures until the next update check refreshes the data. You can manually refresh this data by going to Forms > System Status > Updates.
