Sapevate che WordPress può aggiornare automaticamente il vostro sito web? In alcuni casi, può includere anche i plugin e i temi.
Gli aggiornamenti automatici di WordPress migliorano la sicurezza, ma i potenziali svantaggi possono superare i benefici per alcuni proprietari di siti web. Abbiamo sperimentato in prima persona che questi aggiornamenti di sfondo possono a volte portare a problemi inaspettati, e in rari casi possono persino rompere il vostro sito.
Per mantenere il pieno controllo sul vostro ambiente WordPress, potreste voler disabilitare del tutto gli aggiornamenti automatici.
In questo articolo vi mostreremo come disabilitare gli aggiornamenti automatici di WordPress, in modo da poterli aggiornare manualmente da soli.
Perché WordPress si aggiorna automaticamente
WordPress aggiorna automaticamente il software principale di WordPress per motivi di sicurezza.
A volte, può anche aggiornare un plugin o un tema per risolvere una potenziale minaccia. Ad esempio, un plugin o un tema di WordPress potrebbe essere aggiornato per rimuovere una vulnerabilità critica. Se quel plugin o quel tema è utilizzato da molti siti web, il team centrale di WordPress potrebbe inviare un aggiornamento automatico.
A parte queste situazioni, WordPress consente di decidere quando installare gli aggiornamenti.
Non consigliamo di disattivare gli aggiornamenti automatici di WordPress. Si tratta di un’importante funzione di sicurezza.
Tuttavia, in alcune rare situazioni, gli aggiornamenti possono danneggiare il vostro sito web o comprometterne la funzionalità. Questo potrebbe farvi perdere affari e clienti.
Se siete sicuri di poter gestire da soli gli aggiornamenti manuali, potete tranquillamente disabilitare gli aggiornamenti automatici in WordPress.
Video tutorial
Se preferite le istruzioni scritte, continuate a leggere.
Metodo 1. Disabilitare gli aggiornamenti automatici di WordPress usando il codice (consigliato)
È possibile disabilitare gli aggiornamenti automatici in WordPress aggiungendo questa riga di codice nel file wp-config.php
:
define( 'WP_AUTO_UPDATE_CORE', false );
Questo disabilita tutti gli aggiornamenti automatici di WordPress.
Importante: assicuratevi di leggere il nostro articolo su come modificare in sicurezza il file wp-config.php in WordPress per avere istruzioni passo passo.
Se si desidera ricevere gli aggiornamenti minori del nucleo, ma disattivare gli aggiornamenti dei temi e dei plugin, è possibile farlo aggiungendo i seguenti filtri nel file functions.php del tema.
Disattivare gli aggiornamenti automatici dei plugin di WordPress:
add_filter( 'auto_update_plugin', '__return_false' );
Disattivare gli aggiornamenti automatici dei temi di WordPress:
add_filter( 'auto_update_theme', '__return_false' );
Ma un modo più semplice e sicuro per farlo è utilizzare il plugin WPCode code snippets.
WPCode semplifica l’aggiunta di snippet di codice in WordPress senza modificare il file functions.php del vostro tema. In questo modo, non dovrete preoccuparvi di rompere il vostro sito.
Inoltre, è dotato di una libreria di codice integrata in cui è possibile trovare snippet di codice PHP per i codici più diffusi, come la disattivazione degli aggiornamenti automatici di WordPress, la disattivazione dell’API REST, la possibilità di caricare file SVG, la disattivazione dei commenti e altro ancora.
In questo modo si elimina la necessità di installare una serie di plugin monouso.
Nota: il plugin gratuito WPCode ha tutto ciò che serve per aggiungere codice personalizzato in WordPress. Se desiderate funzioni avanzate come una libreria privata di snippet in cloud, pixel di conversione, snippet programmati, revisioni del codice e altro ancora, potete passare a WPCode Pro.
Per iniziare, è necessario installare e attivare il plugin gratuito WPCode. Se avete bisogno di aiuto, consultate la nostra guida su come installare un plugin di WordPress.
Una volta attivato il plugin, andare su Code Snippets “ Library dalla dashboard di amministrazione di WordPress.
Quindi, cercate il frammento “Disabilita aggiornamenti automatici” e fate clic sul pulsante “Usa frammento”.
WPCode aggiungerà automaticamente lo snippet di codice e selezionerà il metodo di inserimento corretto.
Lo snippet di codice ha tre filtri per disabilitare gli aggiornamenti del nucleo di WordPress, gli aggiornamenti dei plugin e gli aggiornamenti dei temi.
Se non si desidera utilizzare uno di questi filtri, è sufficiente modificare il codice aggiungendo un // all'
inizio della riga del filtro.
Ad esempio, l’aggiunta di un //
alla riga del filtro degli aggiornamenti automatici del nucleo ne impedisce l’esecuzione. In questo modo, si otterranno comunque gli aggiornamenti automatici per il nucleo, ma non per i plugin e i temi.
A questo punto, è sufficiente spostare l’interruttore da “Inattivo” ad “Attivo”.
Quindi, fare clic sul pulsante “Aggiorna”.
Ecco fatto. Ora avete disabilitato gli aggiornamenti automatici di WordPress.
Metodo 2. Configurare e disabilitare gli aggiornamenti automatici di WordPress con un plugin
Un altro modo per disabilitare gli aggiornamenti automatici di WordPress è installare e attivare il plugin Easy Updates Manager. Se non siete sicuri di come fare, date un’occhiata alla nostra guida passo passo su come installare un plugin di WordPress.
Una volta attivato il plugin, andare su Dashboard ” Opzioni di aggiornamento per configurare le impostazioni.
È possibile scegliere di “Disattivare tutti gli aggiornamenti”, ma non consigliamo questa opzione. Soprattutto perché impedisce la visualizzazione di tutte le notifiche di aggiornamento.
Invece, dovreste scegliere le impostazioni che desiderate. Si possono disabilitare gli aggiornamenti automatici dei plugin e dei temi, ma lasciare abilitati gli aggiornamenti automatici standard del nucleo di WordPress.
Nota: se si sceglie “Disattiva aggiornamenti dei plugin” e “Disattiva aggiornamenti dei temi” invece di “Disattiva aggiornamenti automatici”, non si vedranno nemmeno le notifiche di aggiornamento negli elenchi dei plugin e dei temi.
Easy Updates Manager tiene un registro degli aggiornamenti effettuati, in modo che se qualcosa si rompe sul vostro sito, potete tornare a una versione precedente funzionante. Per visualizzarlo, andate su Dashboard ” Opzioni aggiornamenti e poi fate clic sulla scheda ‘Logs’.
Esiste anche una versione premium di Easy Updates Manager, che offre molte opzioni aggiuntive.
Ad esempio, si integra con UpdraftPlus, uno dei più popolari plugin di backup per WordPress, in modo da poter eseguire automaticamente un backup del sito prima dell’applicazione degli aggiornamenti.
Pro e contro degli aggiornamenti automatici di WordPress
Ora sapete come disabilitare gli aggiornamenti automatici, ma dovreste disabilitarli? Non c’è una risposta giusta e dipende da voi e dal vostro sito web.
Sui nostri siti, abbiamo disabilitato gli aggiornamenti automatici dei plugin e dei temi, mantenendo attivi gli aggiornamenti minori del core.
Vediamo i vantaggi e gli svantaggi degli aggiornamenti automatici. In questo modo potrete decidere se disabilitare gli aggiornamenti automatici sul vostro sito.
Vantaggi degli aggiornamenti automatici in WordPress
Gli aggiornamenti automatici sono ottimi per la sicurezza di WordPress. Molti utenti dimenticano di aggiornare i loro plugin o l’installazione principale di WordPress.
Con gli aggiornamenti automatici di WordPress abilitati, non dovrete preoccuparvi di aggiornare il vostro sito ogni volta che viene rilasciato un aggiornamento minore di WordPress. Questi vengono rilasciati per scopi di manutenzione e sicurezza.
In passato, gli aggiornamenti automatici erano disponibili solo se si pagava un hosting WordPress gestito. Ora sono disponibili per tutti (almeno per le versioni minori).
Sapete anche che se c’è un problema di sicurezza cruciale con WordPress o un plugin popolare, WordPress si aggiorna automaticamente. Anche se siete impegnati o lontani da casa, il vostro sito rimarrà sicuro.
Se avete molti siti, gli aggiornamenti automatici possono farvi risparmiare un bel po’ di tempo. E anche se avete un solo sito, potreste preferire la tranquillità di sapere che WordPress si sta occupando di tutto.
Svantaggi degli aggiornamenti automatici in WordPress
Il team di WordPress responsabile del rilascio degli aggiornamenti si assicura che vengano eseguiti senza intoppi.
Tuttavia, esiste una leggera possibilità che gli aggiornamenti automatici possano danneggiare il vostro sito. In base alla nostra esperienza, le versioni minori non hanno ancora danneggiato nessuno dei nostri siti.
Questo perché stiamo seguendo le migliori pratiche e non stiamo modificando alcun file centrale. Se si modificano i file del nucleo di WordPress, questi aggiornamenti automatici possono sovrascriverli.
Se WordPress dovesse ritenere necessario rilasciare un aggiornamento di sicurezza per un tema che state utilizzando, è possibile che il vostro sito web venga danneggiato. Questo vale soprattutto se avete modificato i file del tema.
Anche gli aggiornamenti automatici dei plugin possono potenzialmente danneggiare il sito. Ci sono troppe variabili, come i diversi ambienti di server e le combinazioni di plugin.
Ora, è importante sapere che questi aggiornamenti non romperanno la stragrande maggioranza dei siti web. Tuttavia, potreste pensare di non voler correre il rischio.
Un altro inconveniente è che non sempre si riceve automaticamente una notifica quando il sito viene aggiornato.
Devo disattivare gli aggiornamenti automatici di WordPress?
In sostanza, la decisione spetta a voi.
Per la maggior parte dei principianti e per la stragrande maggioranza dei siti web WordPress, gli aggiornamenti automatici sono innocui e non vanno disabilitati.
Tuttavia, se gestite un negozio online o non volete perdere affari a causa di un sito non funzionante, potete tranquillamente disattivare gli aggiornamenti automatici.
Tuttavia, assicuratevi di installare manualmente gli aggiornamenti in modo tempestivo per garantire la sicurezza del vostro sito web.
Speriamo che questo articolo vi abbia aiutato a capire come disabilitare gli aggiornamenti automatici in WordPress.
Sia che utilizziate aggiornamenti automatici o manuali, è fondamentale assicurarsi di avere backup regolari del vostro sito. Potreste anche dare un’occhiata alla nostra guida su come fare un backup del vostro sito WordPress o vedere il nostro confronto dei migliori plugin di sicurezza per WordPress.
Se questo articolo vi è piaciuto, iscrivetevi al nostro canale YouTube per le esercitazioni video su WordPress. Potete trovarci anche su Twitter e Facebook.
Stefano
As in the official wordpress site:
Only:
define( ‘AUTOMATIC_UPDATER_DISABLED’, true );
will disable all automatic updates.
define( ‘WP_AUTO_UPDATE_CORE’, false );
will disable only wp core auto updates as the definition says.
Renato Frota
The recommendation to use “add_filter” on wp-config.php is noobish and tend to cause problems – along to break wp-cli (wp-cli.org) to work with your WordPress install.
Use instead:
define( ‘AUTOMATIC_UPDATER_DISABLED’, true );
And ALWAYS put it BEFORE the line that says “That’s it, stop editing!”
WPBeginner Support
Hi Renato,
You probably didn’t notice that the add_filter method clearly says that the code needs to go into functions.php file or a site-specific plugin.
Admin
George Applebee
My horror story was about falling for the concept that backing up my website would protect me from a WP major upgrade.
After manually upgrading my site with a major upgrade, the site broke, so i went to my favorite save my *ss backup software Updraft plus, only to find that the WP upgrade changed the database structure and file names. The backup was worthless because the database couldn’t be overwritten.
Arghh! I had to find an older version of WP and start from scratch with a new DB and WP install. I could then use my backup software to get my client’s website back by installing the plugin. Be aware, WP upgrades can totally change the database structure!
pabster
After months of having auto updates totally disabled with the ‘WP_AUTO_UPDATE_CORE’ false tweak, my WP has managed to auto update on its own!! I was in 3.9 and now all of a sudden I’m in 4.2.2. How’s that possible? Do those folks still have some secret, hidden ace under the sleeve for forcing auto update on people like me?
WPBeginner Support
Sometimes web hosts auto update out-dated software on their servers. Contact your hosting provider.
Admin
pabster
I’ve contacted them. They didn’t update it.
Eoin
My website also auto updated even though I have the snippet in the code to prevent it.???
The hosting company didn’t do it either.
Any ideas?
Una
I hate automatic Wordpress updates. The last one broke my theme.
So thank you so much for the way to diable this.
J Man
I wonder who had this rather crazy idea in the first place…
pabster
It’s a totally commercial thing. Nothing really much to do with “security” and that kind of mantra. We’re in a capitalistic world, and everything is ruled by money. Even “free” software is.
nathi
Updating automatically is a no go for me, alot of customization is in place and needs to be measured against new wordpress versions before proceeding to update-definitely will use this Code. Thanx
Gadi
Is the automatic update can make any crash with the template version ?
grisales
Of course it can happen!
When you download a theme you should check which WP Version is it compatible with.
Always keep on mind that you shouldn’t update the core although there is an update release available unless your plug-ins, and customizations have been tested to be compatible with the version you want to update to by you or the authors of such extensions.
Jan Fikar
For me, I hate when something si updated (rewrited) with no control or whatsoever. The might be not compatble plugin having all webpage killed.
Patrick Mercer
Just experienced an automatic update and even though it worked fine, I found this tip and turned off the auto updates as fast as I could. I hate it when something suddenly starts working different and I have to spend time trying to figure out why. I live my life at my pace, not yours.
ElDerecho
Automatic updates are a phenomenally bad idea for web applications. If they screw up the update (like MS has done with Windows updates a number of times), they will be potentially hosing millions of public sites that businesses rely on. Or worse, if the system is exploited, they’d be giving access to millions of servers to hackers, spammers, and who knows who else.
No to mention, its just plain dangerous to allow executable files (PHP in this case) to be writable by the web server.
Anyways, thanks for the post.
Agarwalls
Thanks very helpful for me.
gabriel
Thank you, this was really a pain
RobS
I agree this is a bad policy and they should create an on/off option in the General Settings. I want to update in a timely manner, but I have run into many situations where a plug-in doesn’t work with the latest WP upgrade. I usually have to wait until the plug-in dev fixes their plug-ins.
If WP could guarantee all plugins are upgraded to work with new updates before they deploy, then sure, it makes sense. But that will never happen in an open source world.
Rachel Ramey
For what it’s worth, my sites all DID auto-update through a major release. (3.7x to 3.8x and 3.8x to 3.9x)
Nicole Kavanagh
I totally agree with the Wordpress Automatic Updates.
As a business owner and selling wordpress extensions, our business model arrived just in time.
Long gone are the days when developers can sell extensions with a lifetime of Updates and Support, who in any business offers a service which is not payed for? It is just not viable or sustainable for any business.
The up keep for maintaining WordPress and e-commerce extensions to be compatible with newer versions is very demanding on any team.
This will really add a new dimension for the developers selling extensions that are not maintained. Usually the cheaper extensions, eventually you may find that these developers will not continue to sell their product.
We started out selling all of our products at a cost of $** offering 1 year of Updates and Support included in this price, any subsequent years thereafter require a new Licence key at a discounted price to continue to receive: Activation, Updates and Support.
The Wordpress automatic updates make sense to us, this is our business and maintaining all of our extensions is what we do.
It does take a lot of time and testing, and then of course the product information, product descriptions, product screen casts, product documentation all needs to be updated as well.
There may be some clients that never updated their Wordpress, e-commerce extensions, and eventually something will break.
But then there are also the clients that update their extensions the minute there is a notification there is an Update.
If all developers are in the same boat with maintaining their code to suit any new versions, it is a level playing field l agree with.
Nicole from Extension Works.
Mac Gyver
Nicole, you are so wrong that I don’t know where to begin.
First, I did not authorize Yoast to change my update settings, and I’m mad as H__L.
Second, the rule is NEVER EVER UPDATE BEFORE DOING A WEBSITE BACKUP. When websites do auto update that safety feature is precluded.
Third, the clumsy auto loading of the WP updates has somehow knocked one of my non-wordpress sites off the internet – Google says:
“If you are the owner of this web site you have not uploaded (or incorrectly uploaded) your web site. For information on uploading your web site using FTP client software or web design software, click here for FTP Upload Information.”
That is my oldest website, not wordpress, and the “update hack” that Yoast installed without my permission caused this and more. I have not changed any configuration on the affected website; the auto WP updates to a subdomain of that primary domain caused this.
Now I have to waste time I had already scheduled to get GoDaddy techs to get my servers straight.
Believe me, when I finish that task I’ll get Yoast’s attention on social media.
Edit: There were not one but TWO of my 6 websites knocked offline by the ill-conceived “hack” by Yoast. If you listen closely you can hear me sizzle.
Orangorangan
Thanks for the snippet! i just tought my web has been updated by someone else, freak me out! haha
Mohsin Alam
I want to disable only themes update, not full core update. How to do that? Thanks
WPBeginner Support
Mohsin, a better strategy is to create a child theme and make all your changes in the child theme. But if you must stop your theme update, then you can do that by editing the theme header in the style.css file.
Admin
anon
Ha! i thought the client had updated the site so i disabled ftp just to find out it’s Wordpress default. LOL!
Never have I heard such a stupid idea in all my time as a developer! How did that get passed – is there an online thread discussing this stupid idea?
CoolStory
You should probably stop using blogging software to build a client’s website then
Dan
If you think WordPress can only be used for blogs you haven’t been paying attention.
Christina
Well, I had a site update to 3.8.2 automatically yesterday and when I went to work this morning, the site’s homepage was broken.
I use genesis framework and a child theme, so I have not edited the core. The site was almost ready to go live, and now I can only hope genesis can help me fix it.
I have a backup, but reallllllly don’t need the hassle of that, especially as it was taken a few days ago.
I will definitely be turning off automatic updates and think they are a terrible idea. Too many variables between plugins and theme conflicts to trust something without taking an immediate backup prior to updating. :O(
Javier
Ok, but what if a hacker takes control over the wordpress server for updates and then push a malicious update?? Half of the websites of the world down, the biggest DoS ever or every server infected with malware. IM FREAKING OUT!!
WPBeginner Support
No automatic updates are quite safe.
Admin
Joanna Benson
The automatic updates are a bad idea. What about plug-in compatibility issues?! I like to be sure that the principal plug-ins that I use on my website are compatible with the latest version of Wordpress BEFORE Wordpress is updated. Finding out AFTER when a plug-in breaks my site because it isn’t yet compatible with the latest version of Wordpress is a headache that I don’t need. The fact that Wordpress wouldn’t have thought about this before implementing the automatic updates is quite surprising!
Christian
I agree! Qtranslate, for example, is a pain as it is coded with the latest wp version number written into the code …
Mark
I am very wary of installing plugins unless I absolutely need them.
Plus I always check with the theme developer about conflicting plugins… I’ve had some bad experiences.
I recommend only using premium plugins because of support and updates
Nicole
I would disable automatic updates because sometimes Wordpress updates because a lot of the time it breaks functionality or messes up the layout on the site. This happens when I’m using a theme that doesn’t work with the new version of Wordpress, or if my site is integrated with the Yii Framework (PHP MVC architecture). It’s better if i’m able to test out the update on a test site instead of the live site automatically updating.
Thanks for the information on how to disable!
Todd Nagel
Thank you for this, I manage quite a few wordpress sites, not everyone has the budget to be where they would like to be at all times, not all the sites have the ‘best’ of code, some are way old so are using older plugins, lots of things can go wrong in an update..
Wordpress adding this in without ‘warning’ really is kind of wrong in my opinion.
and my manual update to 3.8 the other day broke a website because the contact form 7 extra plugin for ‘uplicate confirm email’ is outdated..
as long as you stay within a few updates, your going to be pretty secure, and we always do it on a ‘dev’ folder first..
T
Mel Brady
The last update ruined my good working product. It took a couple days to repair. Is this going to happen on all wordpress updates. I’ve got more to do then fixing my site.
Sharon J
i don’t like automatic updates because I would rather wait in case there are bugs. Also, if there is a problem I have 80-100 customers. What if there is a problem on ALL those sites? I am going to disable automatic updates on my site and on future sites for sure.
Jocelyn Wing
I’m with you Sharon. It’s a disaster waiting to happen. That’s why I am here because I have a client who noticed and complained about why his website look keeps changing.
Thanks to WordPress community for making the software more secure.
Thanks for the advice here.
Arend
I think I have enough off those peoples who think any non technical computer-user is a moron
I think that the sheer arrogance of the Wordpress developers is something I don’t want
to deal with any longer, so after 6 years of happy using it’s goodbye to Wordpress….
and on the look-out for a new Cms sytem without developers trying to make my decisions
Eni
Agree.
Something pretty strange is going on over the Internet. From G, FB,WP…hosting companies…, “security” softwares….., open source browsers and other software we need to use the Internet….seems like everyone is hurrying over each other to make our life “easier” and “safer” by full beg of automatic updates and other “services” running “on our behalf”, with little or no control on our side what’s going on and what’s being done.
Automation like that very likely may destroy peoples long-years efforts results in a second,
without anyone being responsible for such effect.
Coz’ things are complicated and not synchronized to the point that in most cases you would need to spend months if not years to locate where problem(s) arouse from .I doubt anyone of us could deal with such situation. Anyone using WP knows that you need at list 10-20 plugins to make it work per your essential needs. And just coping with plugins and WP updates none of them synchronized with each other, costs you too much time, nerves and energy. Seems like we should be occupied only by doing that.
Makes no sense.
Not good.
JOhnne
Of course it makes sense, it is totally necessary automatic browser updates or we would be stucked in the old ie 6/7 until now with all kind of old css support. You can be angry, but all developpers are thankfull for browser updates, it’s the way microsoft should have done long time ago and we wouldn’t have this crap ie 6 / 7 / 8 versions running until now. We have a major delay in web creativity and innovation today becouse of this, and we are slowing getting of this cenario!
Umm No
Brought a site down today with the 3.8.1, didn’t even know this would happen. turned it off on all other sites. Won’t allow that to happen again. Update on a friday so I can spend my weekend cleaning up the mess they make. and then delete all threads started on wp support about broken sites. Seems like they don’t want people to know they break sites and leave it for you to clean up the mass
Barbara
My two cents: Automatic updates seem to always happen to me at the most inconvenient time. That’s reason enough to turn them off. Thanks for the article!
Glen
I have been a WordPress user since 2007, and since added 3 more websites using WP. I have always updated my own sites when new versions of WP became available. When learning about updates back in 2007 I recall that specific and important instructions were given that all plugins must be disabled before updating to a new version of WP. Therefore, I’ve always done that. Now, with the automatic update for minor versions, my sites are being automatically updated. Does that mean they disable the plugins? If not, what has changed that plugins no longer need to be disabled? I’m a little nervous about this.
WPBeginner Support
Glen, there is no need to worry about that. During the update, WordPress puts your site in maintenance mood which is just like disabling plugins. It then updates your site and then turns off maintenance mood.
Admin
Glen
Thanks a whole bunch, support. I probably should have known that. You’ve certainly put me at ease over this. My previous concerns have gone out the window. Again, thank you.
where to add the code?
you say what file to add it to. where to we add it in that file? my config file has lots of stuff in it that I dont want to mess up. where do I paste the code in that file? need more info please.
Brian
I have two websites that were totally broken last time the updates took place. I have changed core files on http://pizzaspotz.com and http://gotinterviews.com. I am very inexperienced at making child themes. I just don’t seem to be able to do it. Just call me ignorant. But I wonder if I create child themes one day, I could then go ahead and enable automatic updates on these two sites and the auto updates will no longer break the sites.
WPBeginner Support
Brian yes this is why child themes are recommended.
Admin
Brian Humek
Just had to visit your site again today to double check how to disable these updates. I saw WP had updated some of my sites and I guess I’m forgetting a lot these days. I double checked and found my two sites which were messed up in the last update were indeed disabled.
Again, kudos to your easy tutorial.
Nathan
Will adding this line of code into my configuration file help multi-site installations? I need clarification / verification before running that.
WPBeginner Support
Yes
Admin
Paul G.
Hey guys,
I thought I’d let you know of an addition we’ve made to our plugin which lets you completely customize most of the WordPress Automatic Updates for your sites.
You’ll find it under the “Auto Updates” section of the WordPress Simple Firewall ( http://wordpress.org/plugins/wp-simple-firewall/ )
Hope you like!
Paul.
Barbarella a.k.a. The Mad Cat Lady
Not happy with being “forced” to have automatic updates without the option of turning them off. Even though I know how to put this code into wp-config.php, other people might not have a clue, and I think we should at least be given an on/off switch in the dashboard where we could have the choice to disable automatic updates if we wanted to.
Thanks for this snippet of code though. I will apply it to all my sites now (and I have a LOT of WP sites!).
Rachel Ramey
I absolutely agree. The Wordpress user documents themselves specify to ALWAYS BACK UP before updating, and now we don’t have that option because our sites update themselves without asking our permission. And you have to hack the code to turn it off. That’s ridiculous and utterly FOOLISH!
If they’re going to make this a default, then I’m with you – there needs to be an “off” switch or checkbox in the settings.
Patty Ayers
Syed, I’m wondering why the code you provide here seems to be strongly discouraged by Andrew Nacin in this post: http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7/
“The constant AUTOMATIC_UPDATER_DISABLED can be used to disable the automatic updater entirely. It’s like DISALLOW_FILE_MODS — no changes allowed at all — but it’s specific to the auto updater.
Don’t use this to block only core updates! You’ll also be blocking a lot of other functionality. You won’t get translation updates (language packs) for core, themes, and plugins. You won’t receive update notifications sent via email to alert you of new WordPress releases. It also disables all opportunity for fine-grained control.”
Or am I (likely) misunderstanding something?
WPBeginner Support
Thanks Patty for pointing this out. We have updated the article.
Admin
Erni
Are you sure that the code with “true” is right, or is this a mistake and you’ve to add “false” to the code to disable the updates?
For my self I want to update wordpress alone, without any background updates. It would be cool if you’ve an option to decide yourself to deactivate automatic updates.
WPBeginner Support
This is what we are trying to do in this article.
Admin
Erni
Thank you. Sorry my fault I read something different.
Jenny
Thank for this tip, I always prefer to test the compatibility of a new version with plugins installed before using it in production
adolf witzeling
Thank you for posting this quick tip. I just installed WP 3.7 and although I DO want to run the latest version, I still want to be in control in regard to updates-it just makes me nervous something changing without me being aware of, because if something goes wrong after I make a change at least I have a good idea where to start troubleshooting. I recently installed a plug-in updater (which supposed to automatically update my plug-ins) and all I was left with was a blank screen!!. Took me (bloody beginner) a while to get it back up and running. The plug-ins weren’t the problem the updater was, by ignoring some of the installed versions [i.e. 2.3.1 and ignoring the third digit -the (.1)] Don’t wanna go through that shit again.
Cam
@ Henk – For the most part i agree with you, however there are situations in which automatic updates may not be desirable. In my own case I disabled auto updates a while back due to the fact that I have my own system of checks and balances in place. I think that for those users who are vigilant about updating and maintaining their sites, auto-updates are less important than they would be for most users.
Elizabeth
I was horrified after upgrading to 3.7 to see the notice that updates would be automatic. Thank you for posting this fix. I’m still struggling with learning how to use the theme functions file so still have a number of changes to the core files. I know it’s ill-advised but all the changes I’ve made are cosmetic….
Christopher Simmons
Also worth noting, on some installs the permissions may not allow for WP to do *any* updates if the system was installed through an RPM via something like Plesk/Parallels where the folders are “owned” by Apache; these sometimes need to be manually upgraded as any update will fail and possibly break both core and plugins (if WP tries to update plugins also).
Christopher Simmons
Ah. Update: turns out on sites with special permissions/security, WP cleverly will show this banner after 3.7 upgrade:
This site is not able to apply these updates automatically. But we’ll email [adminemail] when there is a new security release
Viktoria Michaelis
A dashboard link to disable or enable would have been a far better solution than having to update a line of code.
Russell Cohen
Yes, that sounds like a much more sensible solution!
ultimatrompeta
You’re right about that. Imagine me, I have to edit 20 websites config file!
Keith Davis
Hi Guys
I was taught to disable all plugins before and upgrade and reactivate after upgrade – don’t people do that any more?
Good to know that it can be disabled and thanks for showing how.
Curt
I’ve been a ( paranoid ) systems administrator for some decades now, and one thing I’ve learned ( Micro$oft taught me very well ) is to NEVER, ever, under ANY circumstances, EVER enable auto-update of anything !
Run it in a sandbox test environment first, to make sure someone’s idea of an “improvement” doesn’t fatally break something you depend on.
I’ll be adding that line for now, but I am SO with Ann-Marie above.
A plug-in autoupdate disabler patch right now, and a configurable option in the core ASAP if not sooner.
Curt
And, I’ve just discovered this update DID break a depended on function in .htaccess, by completely replacing my finely tuned config without making a backup.
Good thing I’d learned this long ago, and make my own backups as *I* see fit.
ann-marie
I am hoping someone comes up with a plugin to stop auto updates.
I am not confident about adding that line of code.
I have 12 wordpress.org sites.
Himanshu G
Yupp!
you are right sometimes we are required to make changes to wordpress core files and we don’t want automatic updates as they can remove those changes done…
I was also interested in knowing that will this feature gonna automatically update plugins and themes also or just the wordpress install (as if we do not makes changes in WordPress than let it be updated automatically…)
suneel
great info…
Thank U
Angelika
You rock! Thank you for your awesome posts! This is very appreciated.
Henk
Do NOT disable automatic updates. They exist for a reason!!
It’s a 1000 times better to have the slight possibility of your site breaking due to an update than have a serious possibility of it being hacked.
Silver
Henk, it depends. When this WP project is business critical then this is bad when this automatic update takes site surprisingly down.
Those project needs attention and those can updated by manual and when errors occurs then you can immidietly make needed corrections …
But when this is some personal blog or something similar then this is good
Kevin Edwards
@Henk,
“It’s a 1000 times better to have the slight possibility of your site breaking due to an update”
For some of us it’s not a slight possibility, but rather a 100% guarantee that an update is going to break the site. I manage several sites that break on updates due to WordPress changing the way it handles enclosures and a necessity to edit functions.php after each update to avoid enclosures from being auto-deleted from my posts.
By disabling auto-update, I can still update in a timely fashion, without worry that at any random time my sites will just break.
Katie
@Kevin – we’re having a problem with the enclosure update, too. What did you add to your functions file to keep these from being auto deleted? Thank you
Eni
Would like to know this as well.
Also
#1
do we need to add additional codes to wp-config.php to prevent auto-updates for theme and all plugins ?
…………….
I’m referring to:
“…The previous configuration options are all-or-nothing. You may, however, want something more fine-grained. The auto_update_$type filter (auto_update_core, auto_update_plugin, auto_update_theme, auto_update_translation) is fired for specific updates…”
http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7/
…………………..
May I add lines:
define( ‘WP_AUTO_UPDATE_THEME’, false );
define( ‘WP_AUTO_UPDATE_PLUGIN’, false );
do disable theme and plugins auto-updates ???
#2
I’ve created a child theme, so could I somehow include those codes in my child theme’s files
(functions.php ???)
so they don’t get overwritten forcing me to write them all over again with every next WP update??
Any input would be much appreciated, thanks
Andy
Sure, if you are just running a blog or whatever like the average WordPress user then it makes sense to have automatic upgrades because WordPress is notoriously insecure due to the large amount of outdated code people are running on their sites.
However, automatic updates are an absolute no no in large businesses to enterprise companies where there is a team of devs doing regular maintenance. Everything needs to be version controlled and tested.
I work most often with Drupal and one of the great things they do is separate security updates from other updates, so there is less chance of breaking your site but also a higher level of security. WordPress on the other hand just lumps in security updates with regular updates.