WordPress AutoUpdater Restarted

We first launched our WordPress AutoUpdater in 2012. Some tweaks were made to the system a year later, when the original AutoUpdate feature was included in the WordPress core, but we continued to rely primarily on our own system for our customers. The SiteGround AutoUpdater has been used successfully for the last 5 years and has kept a lot of our customers up to date and safe from hacks. Thanks to it, more than 70% of the WordPress installations on our servers have been constantly using the latest software version. However, we have been thinking for a while about how to get this percentage even closer to 100. The recent security issues with the WordPress REST API motivated us to introduce a change into the system that increased the upgrade rate to more than 90%.

What has changed and why?

In short, WordPress users hosted on SiteGround servers are no longer able to permanently switch off our AutoUpdater. Until now we provided two options: you could skip a single upcoming update, or you could switch off the AutoUpdater completely. From now on, the interface will only allow you to skip one upcoming update. If you want to be removed from the AutoUpdate system permanently, you can request it via our Help Desk (see the AutoUpdater tutorial for detailed usage instructions).

We decided to introduce this change because there were too many people who had switched off the AutoUpdater and had simply forgotten to turn it back on. As a result, they were vulnerable to hacks that were easily preventable through auto updates. For example, WordPress 4.7.2 was released last week to fix a major security vulnerability that allows attackers to deface websites using the REST API. This case gave us sufficient incentive to restart our system and to bring all WordPress installations under the new update rules.

How safe is it to have our AutoUpdater turned on?

The way we perform WordPress application updates differs from the way the core update system works, and I can say our method is much safer. First, we make a backup of your site before we launch the update. Once the backup is ready, the system performs the update and installs the latest WordPress version from the official repository. Next, it checks for any errors on your index page. There are numerous checks made, and if we detect that your site was somehow broken during the update process, we immediately revert the upgrade and email you that it has failed. So far, our system has shown a success rate above 98% in upgrading without problems. However, not all issues can be automatically detected, so you still have the option to manually revert the upgrade with a single click from the tool if needed.
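The backup, update, index-page check and revert sequence described above, shown as an added example (not SiteGround's code). The failure markers, the file-only backup and the `apply_update` / `fetch_index` callables are assumptions made for illustration.

```python
import shutil
from pathlib import Path

# Assumed markers: messages PHP/WordPress commonly print on a broken page.
ERROR_MARKERS = (
    "Fatal error",
    "Parse error",
    "Error establishing a database connection",
)

def index_page_ok(status, body):
    """Return True when the fetched index page looks healthy."""
    if status != 200:
        return False
    if not body.strip():  # empty response: the "white screen" failure
        return False
    return not any(marker in body for marker in ERROR_MARKERS)

def restore(site_dir, backup_dir):
    """Replace the site files with the backup copy (automatic or manual revert)."""
    shutil.rmtree(site_dir, ignore_errors=True)
    shutil.copytree(backup_dir, site_dir)

def safe_update(site_dir, backup_dir, apply_update, fetch_index):
    """Back up, update, check the index page, revert on failure.

    apply_update(site_dir) and fetch_index(site_dir) -> (status, body) are
    hypothetical callables supplied by the caller. Files only: a real
    WordPress backup would also need a database dump.
    Returns "updated" or "reverted"; the backup is kept either way so a
    later manual revert can call restore().
    """
    site_dir, backup_dir = Path(site_dir), Path(backup_dir)
    shutil.copytree(site_dir, backup_dir)  # 1. backup before any change
    try:
        apply_update(site_dir)  # 2. install the new version
        healthy = index_page_ok(*fetch_index(site_dir))  # 3. check index page
    except Exception:
        healthy = False  # a crashed updater or fetch counts as a failed update
    if healthy:
        return "updated"
    restore(site_dir, backup_dir)  # 4. revert; notifying the owner is left out
    return "reverted"
```

A check like this only sees what the index page returns, which is why breakage limited to the dashboard or a single plugin can pass it and still needs the manual revert.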

The Result: More than 90% of WordPress Installations on the Latest Version

After the recent campaign and the changes in the AutoUpdate system, we're more than happy that over 90% of the WordPress sites we host are on the latest version - 4.7.2. Meanwhile, more than 2 million WordPress sites across the world have been hacked through the REST API vulnerability. What's even scarier is that this number was 1.5 million according to the BBC just a few days ago. We believe that we have a responsibility to do everything within our power as a hosting provider to keep our customers and their websites safe. We understand that there's always a risk when you update a web application like WordPress, but with good preparation and checks that risk is minimal compared to the consequences of having an outdated site!

Product Development - Technical

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

29 Comments

  1. February 15, 2017 / 07:14 kenny

    Thanks for this siteground. Just a point... if I am correct, you will advise (I haven't seen this on the cloud account?) that you will be updating. Then the update happens and you do your processes and checks. If we update from the dashboard prior to that, then the backup and the checks that you do don't happen? (I assume)
    Therefore, it is best to not upgrade from the dashboard and let the siteground process run?

    • February 15, 2017 / 07:19 Hristo Pandjarov (SiteGround Team)

      The changes affect our cloud accounts too. If you update manually before our system, it will skip any further actions. You shouldn't worry about our system; if you want to update manually, you can always do it.

  2. February 15, 2017 / 08:09 Peter

    SG has been exceeding my expectations in excellence in customer support, quality of service and as we hear above as well: Assuring server security!

    All I can say: Since being with SG I sleep a lot better at night!

    THANK YOU very much for all that you are doing at pricing levels that are truly impressive!!!

    Peter

  3. February 15, 2017 / 09:21 Brian Prows

    Great idea! I recently read that 30%+ of all WordPress sites, which represent 27% of ALL websites, are not running the latest WP release. I'm glad SiteGround has taken this positive action to protect users. SiteGround continues to distinguish itself from other hosting companies through constant improvements.

  4. February 16, 2017 / 10:52 Basil Brooks

    What about major releases? I can absolutely see the sense of auto-upgrading for security releases, but I'm not so sure about major releases that introduce new features, these are more likely to cause problems with templates and plugins etc. I have auto-update switched on for all minor security updates but would prefer to try major releases on one or two of my sites before upgrading them all. Will there be any way to do that with the new system?

    • February 17, 2017 / 01:30 Hristo Pandjarov (SiteGround Team)

      Most of the releases, even major ones, are a mix of security fixes, bug fixes and new features. Sometimes, serious security fixes don't even reach the changelog, like the famous emoji update, for example. This said, you can always opt out from a particular update, test it out, do it manually and then leave consecutive updates to happen automatically. We plan to further improve the system though, and being able to select how updates work is definitely something we consider.

    • February 17, 2017 / 02:39 MuMu

      I second Basil's point of view.

      In this particular case (RESTful API) the bug was introduced in a major release while the 4.6 branch was immune.
      This demonstrates why keeping the older release (with minor updates on) is often safer than updating with the next major release.
      Furthermore, bug fixes included in major releases are usually also deployed for the previous version in the form of a minor release.

      I think you should definitely consider letting users opt out of the major updates policy while leaving minor updates available (maybe mandatory).

  5. February 16, 2017 / 17:44 Joe

    @Hristo

    Do you have any stats on how often a WordPress upgrade will damage or mess up the installed theme or plugins?

    I know that sometimes WooCommerce versions are compatible with certain WordPress versions. Same for other plugins.

    Is the answer to just test and update everything all the time? Or at least after every WP release?

    • February 17, 2017 / 01:35 Hristo Pandjarov (SiteGround Team)

      We do all the possible automatic checks we can and roll back updates when we detect a problem. So far, more than 98% of the updates are successful. Of course, plugin incompatibilities may occur and may affect your site in different undetectable ways but usually WordPress updates don't cause major problems. If you're using a plugin like WooCommerce that adds a ton of new functionality to the application, it's always a good idea to test it out after each update.

  6. February 16, 2017 / 18:05 Alexander

    It is a shame!
    Auto update can break my site.
    Nobody should have the ability to change my files.

    • February 17, 2017 / 01:27 Hristo Pandjarov (SiteGround Team)

      If you want to have your sites out of the automatic updates system, please post a ticket in your Help Desk.

  7. February 17, 2017 / 02:21 Rarst

    I dislike this change quite a bit.

    I get the benefit for all the barely maintained sites out there, but this isn't something that should be forced on more serious WP builds. Especially those using Composer or otherwise managing deployment of a specific core version.

    This is a decision out of the arsenal of “managed” WP hosts whose managing primarily consists of padding with layers of restrictions on what can be done. As a dev I value Siteground for giving me good tools to work with and getting out of my way otherwise; this is the first move that runs very contrary to that philosophy.

    I would suggest possibly reverting to allowing cPanel setting in GoGeek accounts and upwards at least.

    • February 17, 2017 / 02:28 Hristo Pandjarov (SiteGround Team)

      Hey Rarst, I completely understand your point on this. You can opt-out from the system by posting a ticket in the Help Desk.

      • February 17, 2017 / 02:43 Rarst

        Yes, I got that and I will. 🙂 My point is mostly I don't _like_ that this is now a restricted helpdesk–level option.

  8. February 17, 2017 / 04:40 Hugues

    I'm with Rarst on this, I value the flexibility that Siteground generally offers so I really don't like that major updates and minor releases will be treated the same. For me this is an unnecessary restriction which doesn't do things the "WordPress way".

    I completely agree and welcome auto-updates for minor releases as those are usually without problems and cover security issues but I am not happy to have Siteground apply major releases automatically.

    I would want to be able to set each site I manage for clients to be on manual updates for major core releases and auto updates for minor releases. I don't want to have to go in and opt out manually on 20+ sites before every major update or have to contact support via 20 different accounts...

    Are you planning to offer this feature to set major updates to manual and minor updates to auto as a one-time operation?

    I get that some users never update their sites but that should be handled in a way that doesn't impose restrictions on us developers.

    Thanks
    Hugues

    • February 17, 2017 / 07:06 Hristo Pandjarov (SiteGround Team)

      It's not a restriction at all since you are free to opt out from the auto update system. We plan more updates soon to that system but I can't give you an exact ETA. Note, however, that if all your accounts are listed under one username, you can open one ticket and request delisting of all of those.

  9. February 17, 2017 / 07:37 mark k.

    Even minor version updates are not safe, as 4.7.1 breaking SVG uploads shows.

    I need to move my client from the shared hosting environment in which he is hosting right now on your servers (and which I truly enjoy working in) to some VPS solution, and if this is your attitude, then it is less likely to be SG. Sites that generate money cannot afford unplanned downtime. Having some obscure opt-out that I will forget the existence of in two days is not a solution.

    • February 20, 2017 / 01:01 Hristo Pandjarov (SiteGround Team)

      You can opt-out completely from the auto update system by posting a ticket in your Help Desk in case you incorporate a more sophisticated deployment workflow.

  10. February 17, 2017 / 15:05 Marcos

    Hi,
    Will the WooCommerce data be lost if I update it? Sometimes it shows an alert about it.
    Thanks

    • February 18, 2017 / 02:40 Hristo Pandjarov (SiteGround Team)

      You shouldn't lose any data. However, it's always recommended to make a backup before such upgrades just to be extra sure.

  11. February 17, 2017 / 15:10 Stefan

    I agree with the comments from Rarst and Hugues.

    To avoid misunderstandings: There's no need to explain to me the importance of WordPress updates in general. As a WordPress developer, consultant and professional site maintainer I give this subject a lot of thought. Eventually, the automation of major CMS updates can under almost no circumstances be a viable solution for professionally used feature-rich websites - or "web applications" if you prefer.

    WordPress itself comes with a sufficiently configurable auto-update mechanism. Critical security patches are of course offered separately from feature updates. I've never heard any complaints about that nor have I myself experienced any significant issues in this respect.
    Like many others I've been recommending Siteground to my customers for its distinct WordPress awareness, that doesn't come with the paternalism that some other popular hosts within the WordPress ecosystem involve.

    If Siteground wants to go this route, I think it will do so without a considerable number of WordPress professionals among its customers and proponents.

    There also seems to be an internal communication issue regarding the new auto-update system. Following the instruction in this blog post I'm currently trying to opt out my customers' sites by logging into each user account and pasting my request to the support team - since this is the only long-term solution being offered.

    Parts of the helpdesk staff obviously aren't yet aware of the opt-out variant via support request and told me they were sorry but exceptions from the new system weren't provided.

    Having to write a support ticket on behalf of each of our customers and, furthermore, having to discuss the subject with the support staff (multiple times) and needing to refer them to this blog post, doesn't quite feel like working on a developer-friendly platform.

    • February 17, 2017 / 16:56 Stefan

      I'd like to add, that in the meantime all my requests have been positively answered by the support staff and that they have been exceptionally cooperative and informative.

    • February 20, 2017 / 01:32 Hristo Pandjarov (SiteGround Team)

      We're working on a major update to the system which will provide both power and flexibility to newbie and experienced WordPress users. Meanwhile, please post a ticket in your Help Desk to get removed from the automatic update system if you have a better workflow.

  12. February 18, 2017 / 00:52 Mark

    Have to agree with @Hugues and @Rarst on this. I prefer to test major updates first. Having to request opt-out on a per-site basis is a pain.

    • February 18, 2017 / 02:31 Hristo Pandjarov (SiteGround Team)

      Every change in a default setting or policy causes inconvenience. It wasn't easy for us to make this decision but we believe it's for the good.

  13. February 18, 2017 / 12:45 Eve

    A fellow developer asks: Are they doing automatic updates for major versions (e.g. 4.6 to 4.7)? This can have some negative effects, as updating to 4.7 exposed lots of sites to a huge security issue that wasn’t fixed until 4.7.1.

    Generally it’s safe to go auto for minor updates (4.6.1 to 4.6.2).

    Also, it’s unlikely that issues that happen in the dashboard would be caught by these automated checks. For example, the issue introduced in 4.7 where people can’t upload documents other than images.

    • February 20, 2017 / 01:28 Hristo Pandjarov (SiteGround Team)

      Yes, we do major updates too. You can opt out from an individual update from the tool itself or completely by posting a ticket in your Help Desk.

  14. February 19, 2017 / 12:26 Paul Dahlen

    Until SiteGround provides a way to roll back an automatic upgrade that breaks a client's site, I will be opting out for all my clients.
