WordPress Core Automatic Upgrades and Deferrals

WordPress is ever-evolving and we at WP Engine strive to provide a platform that’s secure. We want the experience of updating WordPress, which is a necessity for a successful WordPress site, to be as easy as possible.

For more information about WordPress Updates check out the WordPress Codex.


Functional Releases

This type of update adds features and options to the WordPress core. These are the major, named core updates (“Parker”, “Smith”, “Benny”). This is considered a “branch” and subsequent maintenance and security releases are released within this branch until the next functional release branch is available.

On WP Engine, these updates:

  • Are not pushed out immediately
  • Undergo a lengthy testing period
  • Can be deferred

On the WordPress Codex, these releases are highlighted in dark grey.

Security and Maintenance Releases

These updates contain security or bug fixes to repair a vulnerability in the WordPress core.

On WP Engine, these updates:

  • Are tested briefly after release
  • Are rolled out to site’s ASAP
  • Cannot be deferred

Automatic WordPress Core Updates

Our top priority is the stability, security, and functionality of your sites, and we want to give you time to test the new version against your current configuration. WP Engine does not update during the beta or immediately after the new update is released and all releases undergo some form of testing by our Security team. Once we have analyzed the update and made the needed adjustments to our platform, we will begin updating your sites automatically.

You can subscribe to the WP Engine Status page here to receive email updates.

Smoke Test

WP Engine’s WordPress update program intelligently smoke tests your site before and after performing updates.

  1. Before and after the update process a checkpoint of your site is taken.
  2. If anything other than a 200 OK or 401 Unauthorized response is returned from the smoke test before the update, the automatic update will not be attempted.
  3. If the site is updated and the subsequent smoke test run after returns anything other than a 200 OK or 401 Unauthorized response, we attempt to roll back the site to its previous version of WordPress.

NOTE: There may still be feature changes that are no longer compatible with your site’s plugins, themes, or custom code but don’t necessarily break the site. If that is the case, revert your site and consult with your developer(s) to resolve the issue.

Functional Releases

Our engineering team tests all functional updates thoroughly to see how they react to our platform. We will also take note of any known issues you can expect after an update and have actionable solutions, should you be affected.

Functional releases can be deferred for 30 days after the release has become available on our platform.

Security Updates

It’s extremely important these updates be pushed out to all WordPress sites as soon as possible. Consider this: If the existence of a vulnerability has been know long enough, then not upgrading immediately leaves your site susceptible to an easy compromise. A compromised site means reverting and losing data, or a lengthy period of  time offline for clean-up and remediation.

For this reason, updating to a secure version cannot be deferred.

If your site is not on the most current functional release branch, your site will be upgraded to the next secure release within your current release branch. If your current branch doesn’t have a security update available, you will be upgraded to the next newer branch from your current one.

For example:

  • If you are on WordPress 4.8, you will be upgraded to WordPress 4.8.2
  • If you are on WordPress 5.5.1, you will be upgraded to WordPress 5.5.3

You can find a full list of all WordPress releases within the Release Archive.


Manual WordPress Core Updates

If you would like to have the site updated immediately, you can do so in two ways. We recommend the User Portal method because it automatically creates a checkpoint before and after the upgrade.

Updating through the wp-admin will prompt for a checkpoint, but does not force the creation of one.

Recommended

  1. Log in to the User Portal
  2. Click on the environment name you wish to upgrade
  3. Within the Overview section, locate WordPress Version
  4. Click the refresh arrow icon, to show the most current version available
  5. Click Update to [version number]

Alternate

This core upgrade method is default to WordPress. Be aware that a WP Engine backup is not created automatically before or after the change.

  1. Log in to the WordPress admin dashboard of your site (wp-admin)
  2. Click Dashboard on the menu
  3. Click Updates
  4. Locate Updates
  5. Click Update Now

Defer Automatic Core Upgrades

When you set your environment into update deferral mode, we will not upgrade your environment in our first round of WordPress core upgrades. This gives you 30 extra days to test your site against the new version of WordPress.

NOTE: This does not include security releases.

  1. Log in to the User Portal
  2. Click on the environment name you wish to defer
  3. Within the Overview section, locate WordPress Version
  4. Click the link titled Defer auto updates to defer automatic core upgrades for 30 days

Once updates have been deferred, the text will change to read “Auto updates deferred. Cancel.” Simply click Cancel to enabled automatic core updates again.


Tips Before Upgrading

1. Determine Theme/Plugin Phase: When an update is released the theme/plugin(s) you have installed are in one of following phases based solely on work from its developer:

  • Fully compatible: They have made any needed changes and their product works well with the update.
  • Not compatible, but there is a workaround: Their product is not fully compatible yet, but they have a solution that will work until they do.
  • Not compatible, working on update: Their product is not fully compatible but they’re working on an update that will be.
  • Will not be compatible: Their product is being discontinued or support has ended for that particular product.

NOTE: You may need to contact the developer of your theme/plugin(s) to determine which phase they are in – as WP Engine is not able to make conclusions based on third party plugins.

2. Test In Staging: Once you know the phase they are in and are ready to move forward, the next step is to test the new update in a staging environment. Instructions on creating a staging environment can be found here. You may have to consult with the developer again if you have custom code or special allowances that was available through legacy versions, but not with the new update.


NEXT STEP: Learn how to restore a backup

Still need help? Contact support!

We offer support 24 hours a day, 7 days a week, 365 days a year. Log in to your account to get expert one-on-one help.

The best in WordPress hosting.

See why more customers prefer WP Engine over the competition.