Now is Always a Good Time to Upgrade WordPress
February 8th, 2008 by David Bradley >> 18 Comments
I finally upgraded my Sciencebase site to the latest version of WordPress, it had been languishing at version 2.1.3 for far too long and there have been many security upgrades between that legacy version and the current version 2.3.3. It was a post by Wayne Liew on the cleverly named Wayne Liew Dot Com that persuaded me to do the necessary.
Liew points out that upgrading to the most recent version of WordPress can help protect your site from minor security flaws. For instance, the recent 2.3.2 to 2.3.3 upgrade is required simply because it circumvents a security problem by which registered users can edit other users’ posts, which is obviously not a good thing. Even that single file upgrade is worth doing if it prevents someone hacking your site.
Liew strongly recommends using the WordPress Automatic Upgrade Plugin (WPAU) but I must say it was with trepidation that I investigated how easy an upgrade from such an old version would be either done manually or automated.
I had manually upgraded from a 1.5 version or thereabouts and found it to be rather painful in terms of backing up files, deleting old files and folders, remembering which ones not to delete, resetting file permissions etc etc, so I was very tempted to use WPAU.
The plugin backs up your files and database, deactivates plugins, downloads the WordPress upgrade files, installs them, reactivates only those plugins that were deactivated, cleans up temporary files and points you to the final “database upgrade” link in WordPress that reboots your site.
Here’s a quick tip for those wanting to upgrade – try WPAU on a smaller, less important site first. If it all works perfectly then it will give you the confidence to undertake an automated upgrade on your main site.
The tip obviously only applies if you have more than one site, and if one of them is less important to you than the other. My successful upgrade of the smaller site (albeit only jumping from 2.3.2 to 2.3.3) convinced me and so I undertook an upgrade of Sciencebase WPAU.
Of course, if you’re on a host with the Fantastico system you have automated WordPress upgrades built in. The only problem is that Fantastico usually lags behind the current release (at the time of writing, it’s sitting at 2.3.2, in fact)
Anyway, WPAU worked perfectly, first time, which was an amazing relief. However, having been using a 2.1.5 widgetized system the final result was a messed up sidebar that took a few little tweaks to fix (some widgets were missing and others were in the incorrect order, although that may have been down to caching problems rather than the upgrade itself).
However, one or two plugins simply failed to run in the latest version (Top Posts by Category and Get Recent Comments, for instance). I removed these altogether pending the release of compatible updates. Other than that I’ve had no problems. Several other plugins were flagged as requiring upgrades, and these were duly done. If you happen to visit Sciencebase.com and spot any problems I’ve not seen, perhaps you could let me know.
Next week: How to Steal a WordPress Theme. Subscribe to the Sig Figs feed to be alerted.