WordPress 3.7 introduced automatic upgrades. Maintenance and security updates are applied in the background when a patch becomes available and someone visits your site. By default, the process only applies when updating minor versions — such as 3.7.0 to 3.7.1 — and takes no longer than 25 seconds. The development team tested more than 111 thousand sites without a failure. You shouldn’t experience any problems.
That said, we developers work in binary. Things either work or they don’t; we’ll translate the phrase “shouldn’t fail” to “will inevitably fail at some point”. Automated updates are especially risky if you:
- use a large number of dubious plug-ins or complex third-party themes
- want to control and manage updates yourself, or
- have an especially nervous disposition!
Will Your Site Be Problematic?
File permissions, network connectivity and other issues can cause updates to fail. If you have concerns, install the Background Update Tester plug-in to help you spot the most obvious problems. After enabling, visit the Update Tester screen from the dashboard.
Disable Automatic Updates
The WordPress team discourages disabling updates but there are a couple of options should you wish to disobey:
- Use version control. If WordPress detects Subversion, Git, Mercurial or Bazaar files in the installation folder, plugins folder or any parent folder, it will disable automatic updates.
- Alternatively, add the following line to your
wp-config.phpfile in the WordPress root folder:
define( 'WP_AUTO_UPDATE_CORE', false );
Enable Automated Minor Updates Only
Automated minor update installation is the default option so you shouldn’t need to do anything. However, if you’ve implemented something clever or unusual, you can explicitly set WP_AUTO_UPDATE_CORE in your
define( 'WP_AUTO_UPDATE_CORE', 'minor' );
Enable All Updates
Do you laugh in the face of danger and tickle the feet of fear? You can enable major and minor automated updates with:
define( 'WP_AUTO_UPDATE_CORE', true );
You’ll never need to hit that ‘Upgrade Now’ button again. That’s assuming everything went well and you still have a working dashboard to log in to!
Craig is a freelance UK web consultant who built his first page for IE2.0 in 1995. Since that time he's been advocating standards, accessibility, and best-practice HTML5 techniques. He's created enterprise specifications, websites and online applications for companies and organisations including the UK Parliament, the European Parliament, the Department of Energy & Climate Change, Microsoft, and more. He's written more than 1,000 articles for SitePoint and you can find him @craigbuckler.