Are Auto-Updates Good?
As mentioned in the previous section, the concept of keeping a website updated is good and very important. However autonomous, automatic updates of themes and plugins are not always good. There are two key reasons why it isn’t so good:
Updates May Break a Website – Without Knowledge
Sometimes (we have seen this on several occasions) an update to a theme or plugin may break a website. If they are done automatically, this could be without knowledge of the website owner or developer – meaning nobody may be aware. This could result in errors showing or parts of your website not working as expected, to (in the worst case) your website being inaccessible. To compound this, if multiple plugins are updated on a particular day, it can then be tricky to know which update(s) caused the website to break.
Functionality May Change or Compatibility Problems Be Introduced
If a plugin is updated to a new version, the functionality it provides may change. The functionality change may not be something you want or some functionality you did want has now been removed from the plugin.
There is also the possibility that a plugin update may introduce compatibility problems with other plugins. For example the WooCommerce plugin (used for e-commerce sites) may be updated, but other plugins used may not yet be compatible with the latest WooCommerce release. So those plugins may then not work as expected.
What Approach Is Best For Your Site?
In terms of enabling auto-updates for plugins and themes, the best approach ultimately depends on the importance of your website and whether you have an active maintenance / care plan. We’ve outlined the two main types of site below and our suggested approach:
Personal (Non-Business) Website – Without Any Maintenance or Care Plan
In our view, for non-business websites that don’t have any maintenance or care plan, auto-updates should be enabled for all plugins and the theme. This is because the security benefits outweigh the potential risk of the site not working properly.
For business websites (e.g. used for marketing purposes or to generate revenue) that have active maintenance / care plan, we recommend that auto-updates should only be enabled for a minority of plugins.
As part of the maintenance or care plan, your developer or agency will be able to determine suitable plugins to enable auto-update on. These will typically be high quality plugins with good quality QA, good history (in terms of stability) and those that have less / no impact on core site functionality.
For plugins that are not set to auto-update, your agency should be regularly and manually updating these following their normal process. In terms of themes, these should also be manually updated, usually with testing on a staging site first to check for any problems.