WordPress’in web sitenizi otomatik olarak güncelleyebildiğini biliyor muydunuz? Bazı durumlarda buna eklentiler ve temalar da dahil olabilir.
Otomatik WordPress güncellemeleri güvenliği artırır, ancak bazı web sitesi sahipleri için potansiyel dezavantajları faydalarından daha ağır basabilir. Bu arka plan güncellemelerinin bazen beklenmedik sorunlara yol açabileceğini, hatta nadir durumlarda sitenizi bozabileceğini ilk elden deneyimledik.
WordPress ortamınız üzerinde tam kontrol sahibi olmak için otomatik güncellemeleri tamamen devre dışı bırakmak isteyebilirsiniz.
Bu makalede, WordPress’te otomatik güncellemeleri nasıl devre dışı bırakacağınızı göstereceğiz, böylece kendi başınıza manuel olarak güncelleme yapabilirsiniz.
WordPress Neden Otomatik Olarak Güncellenir?
WordPress, güvenlik nedeniyle çekirdek WordPress yazılımını otomatik olarak günceller.
Bazen, potansiyel bir tehdidi düzeltmek için bir eklentiyi veya temayı da güncelleyebilir. Örneğin, bir WordPress eklentisi veya teması kritik bir güvenlik açığını gidermek için güncellenebilir. Bu eklenti veya tema çok sayıda web sitesi tarafından kullanılıyorsa, WordPress çekirdek ekibi bunun için otomatik bir güncelleme yayınlayabilir.
Bu durumların dışında WordPress, güncellemeleri ne zaman yüklemek istediğinize karar vermenizi sağlar.
Otomatik WordPress güncellemelerini kapatmanızı önermiyoruz. Bunlar önemli bir güvenlik özelliğidir.
Ancak bazı nadir durumlarda güncellemeler web sitenizi bozabilir veya işlevselliğini etkileyebilir. Bu da işinizi ve müşterilerinizi kaybetmenize neden olabilir.
Manuel güncellemeleri kendiniz yönetebileceğinizden eminseniz, WordPress’te otomatik güncellemeleri güvenle devre dışı bırakabilirsiniz.
Video Eğitimi
Yazılı talimatları tercih ediyorsanız, okumaya devam edin.
Yöntem 1. Kod Kullanarak Otomatik WordPress Güncellemelerini Devre Dışı Bırakma (Önerilen)
WordPress’te otomatik güncellemeleri wp-config.php
dosyanıza bu kod satırını ekleyerek devre dışı bırakabilirsiniz:
define( 'WP_AUTO_UPDATE_CORE', false );
Bu, tüm otomatik WordPress güncellemelerini devre dışı bırakacaktır.
Önemli: Adım adım talimatlar için WordPress’te wp-config.php dosyasının nasıl güvenli bir şekilde düzenleneceğine ilişkin makalemizi okuduğunuzdan emin olun.
Küçük çekirdek güncellemelerini almak, ancak tema ve eklenti güncellemelerini devre dışı bırakmak istiyorsanız, temanızın functions.php dosyasına aşağıdaki filtreleri ekleyerek bunu yapabilirsiniz.
Otomatik WordPress eklenti güncellemelerini devre dışı bırakın:
add_filter( 'auto_update_plugin', '__return_false' );
Otomatik WordPress tema güncellemelerini devre dışı bırakın:
add_filter( 'auto_update_theme', '__return_false' );
Ancak, bunu yapmanın daha kolay ve güvenli bir yolu WPCode kod parçacıkları eklentisini kullanmaktır.
WPCode, temanızın functions.php dosyasını düzenlemeden WordPress’e kod parçacıkları eklemeyi kolaylaştırır. Bu şekilde, sitenizi bozma konusunda endişelenmenize gerek kalmaz.
Ayrıca, otomatik WordPress güncellemelerini devre dışı bırakma, REST API‘yi devre dışı bırakma, SVG dosya yüklemelerine izin verme, yorumları devre dışı bırakma ve daha fazlası gibi popüler kod parçacıkları için PHP kod parçacıklarını bulabileceğiniz yerleşik bir kod kitaplığı ile birlikte gelir.
Bu, bir sürü tek kullanımlık eklenti yükleme ihtiyacını ortadan kaldırır.
Not: Ücretsiz WPCode eklentisi WordPress’e özel kod eklemek için ihtiyacınız olan her şeye sahiptir. Özel bulut snippet kütüphanesi, dönüşüm pikselleri, zamanlanmış snippet’ler, kod revizyonları ve daha fazlası gibi gelişmiş özellikler istiyorsanız WPCode Pro‘ya yükseltebilirsiniz.
Başlamak için ücretsiz WPCode eklentisini yüklemeniz ve etkinleştirmeniz gerekir. Yardıma ihtiyacınız varsa, WordPress eklentisi yükleme kılavuzumuza bakın.
Eklenti etkinleştirildikten sonra, WordPress yönetici panonuzdan Code Snippets “ Library bölümüne gidin.
Ardından, ‘Otomatik Güncellemeleri Devre Dışı Bırak’ snippet’ini arayın ve ‘Snippet’i kullan’ düğmesine tıklayın.
WPCode daha sonra kod parçacığını otomatik olarak ekleyecek ve uygun ekleme yöntemini seçecektir.
Kod parçacığı, WordPress çekirdek güncellemelerini, eklenti güncellemelerini ve tema güncellemelerini devre dışı bırakmak için üç filtreye sahiptir.
Bu filtrelerden birini kullanmak istemiyorsanız, filtre satırının başına bir //
eklemek için kodu düzenlemeniz yeterlidir.
Örneğin, çekirdek otomatik güncellemeleri filtre satırına bir //
eklemek, bunun çalışmasını önleyecektir. Böylece, çekirdek için otomatik güncellemeler almaya devam edersiniz, ancak eklentiler ve temalar için güncelleme alamazsınız.
Bundan sonra yapmanız gereken tek şey anahtarı ‘Etkin Değil’den ‘Etkin’e geçirmektir.
Ardından, ‘Güncelle’ düğmesine tıklayın.
İşte bu kadar. Artık WordPress’te otomatik güncellemeleri devre dışı bıraktınız.
Yöntem 2. Otomatik WordPress Güncellemelerini Bir Eklenti ile Yapılandırma ve Devre Dışı Bırakma
Otomatik WordPress güncellemelerini devre dışı bırakmanın bir başka yolu da Easy Updates Manager eklentisini yüklemek ve etkinleştirmektir. Bunu nasıl yapacağınızdan emin değilseniz, bir WordPress eklentisinin nasıl kurulacağına ilişkin adım adım kılavuzumuza göz atın.
Eklenti etkinleştirildikten sonra, ayarlarınızı yapılandırmak için Gösterge Tablosu ” Güncellemeler Seçenekleri ‘ne gidin.
‘Tüm güncellemeleri devre dışı bırak’ı seçebilirsiniz, ancak bu seçeneği önermiyoruz. Öncelikle tüm güncelleme bildirimlerinin görünmesini engelleyeceği için.
Bunun yerine, istediğiniz ayarları seçmelisiniz. Eklenti ve tema otomatik güncellemelerini devre dışı bırakabilir, ancak standart çekirdek WordPress otomatik güncellemelerini etkin bırakabilirsiniz.
Not: ‘Otomatik güncellemeleri devre dışı bırak’ yerine ‘Eklenti güncellemelerini devre dışı bırak’ ve ‘Tema güncellemelerini devre dışı bırak’ı seçerseniz, eklenti ve tema listelerinizde güncelleme bildirimlerini bile göremezsiniz.
Easy Updates Manager nelerin güncellendiğine dair bir günlük tutar, böylece sitenizde herhangi bir şey bozulursa, önceki çalışan bir sürüme geri dönebilirsiniz. Bunu görüntülemek için Kontrol Paneli ” Güncellemeler Seçenekleri ‘ne gidin ve ardından ‘Günlükler’ sekmesine tıklayın.
Easy Updates Manager’ın birçok ekstra seçenek sunan premium bir sürümü de var.
Örneğin, en popüler WordPress yedekleme eklentilerinden biri olan UpdraftPlus ile entegre olur, böylece güncellemeler uygulanmadan önce sitenizin bir yedeğini otomatik olarak çalıştırabilirsiniz.
Otomatik WordPress Güncellemelerinin Artıları ve Eksileri
Artık otomatik güncellemeleri nasıl devre dışı bırakacağınızı biliyorsunuz, ancak bunları devre dışı bırakmalı mısınız? Doğru bir cevap yok ve bu size ve web sitenize bağlı.
Sitelerimizde, küçük çekirdek güncellemelerini etkin tutarken otomatik eklenti ve tema güncellemelerini devre dışı bıraktık.
Otomatik güncellemelerin avantaj ve dezavantajlarına bir göz atalım. Bu şekilde, sitenizde otomatik güncellemeleri devre dışı bırakıp bırakmayacağınıza karar verebilirsiniz.
WordPress’te Otomatik Güncellemelerin Avantajları
Otomatik güncellemeler WordPress güvenliği için harikadır. Birçok kullanıcı eklentilerini veya çekirdek WordPress kurulumunu güncellemeyi unutur.
Otomatik WordPress güncellemeleri etkinleştirildiğinde, WordPress için küçük bir güncelleme yayınlandığında sitenizi güncellemek konusunda endişelenmenize gerek kalmaz. Bunlar bakım ve güvenlik amacıyla yayınlanır.
Geçmişte, otomatik güncellemeler yalnızca yönetimli WordPress hosting için ödeme yaparak elde edebileceğiniz bir şeydi. Artık herkes için mevcut (en azından küçük sürümler için).
Ayrıca WordPress veya popüler bir eklentiyle ilgili önemli bir güvenlik sorunu olduğunda WordPress’in otomatik olarak güncelleme yapacağını da biliyorsunuz. Meşgul olsanız veya evinizden uzakta olsanız bile siteniz güvende kalacaktır.
Çok sayıda siteniz varsa, otomatik güncellemeler size oldukça zaman kazandırabilir. Ve yalnızca bir siteniz olsa bile, WordPress’in her şeyle ilgilendiğini bilmenin verdiği huzuru tercih edebilirsiniz.
WordPress’te Otomatik Güncellemelerin Dezavantajları
Güncellemeleri yayınlamaktan sorumlu çekirdek WordPress ekibi, bunun bir aksaklık olmadan gerçekleşmesini sağlar.
Ancak, otomatik güncellemelerin sitenizi bozma ihtimali az da olsa vardır. Deneyimlerimize göre, küçük sürümler henüz hiçbir sitemizi bozmadı.
Bunun nedeni, en iyi uygulamaları takip etmemiz ve herhangi bir çekirdek dosyayı değiştirmememizdir. WordPress çekirdek dosyalarını değiştirirseniz, bu otomatik güncellemeler onları geçersiz kılabilir.
WordPress, kullandığınız bir tema için bir güvenlik güncellemesi yayınlama gereği duyarsa, bunun web sitenizi bozma ihtimali vardır. Bu durum özellikle tema dosyalarınızı değiştirdiyseniz geçerlidir.
Otomatik eklenti güncellemeleri de potansiyel olarak sitenizi bozabilir. Farklı sunucu ortamları ve eklenti kombinasyonları gibi çok fazla değişken vardır.
Şimdi, bu güncellemelerin web sitelerinin büyük çoğunluğunu bozmayacağını bilmek önemlidir. Yine de, risk almak istemediğinizi düşünebilirsiniz.
Diğer bir dezavantaj ise siteniz güncellendiğinde her zaman otomatik olarak bildirim almayacak olmanızdır.
Otomatik WordPress Güncellemelerini Devre Dışı Bırakmalı mıyım?
Temel olarak, bu kararı vermek size kalmış.
Yeni başlayanların çoğu ve WordPress web sitelerinin büyük çoğunluğu için otomatik güncellemeler zararsızdır ve bunları devre dışı bırakmamalısınız.
Ancak, çevrimiçi bir mağaza işletiyorsanız veya bozuk bir site nedeniyle iş kaybetmek istemiyorsanız, otomatik güncellemeleri güvenle kapatabilirsiniz.
Yine de, web sitenizin güvenliğini sağlamak için bu güncellemeleri zamanında manuel olarak yüklediğinizden emin olun.
Umarız bu makale WordPress’te otomatik güncellemeleri nasıl devre dışı bırakacağınızı öğrenmenize yardımcı olmuştur.
İster otomatik ister manuel güncellemeler kullanıyor olun, sitenizin düzenli yedeklerini aldığınızdan emin olmanız çok önemlidir. WordPress sitenizin yedeğini nasıl alacağınıza ilişkin kılavuzumuza göz atmak veya en iyi WordPress güvenlik eklentileri karşılaştırmamıza bakmak da isteyebilirsiniz.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Syed Balkhi
Hey WPBeginner readers,
Did you know you can win exciting prizes by commenting on WPBeginner?
Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
You can get more details about the contest from here.
Start sharing your thoughts below to stand a chance to win!
Stefano
As in the official wordpress site:
Only:
define( ‘AUTOMATIC_UPDATER_DISABLED’, true );
will disable all automatic updates.
define( ‘WP_AUTO_UPDATE_CORE’, false );
will disable only wp core auto updates as the definition says.
Renato Frota
The recommendation to use “add_filter” on wp-config.php is noobish and tend to cause problems – along to break wp-cli (wp-cli.org) to work with your WordPress install.
Use instead:
define( ‘AUTOMATIC_UPDATER_DISABLED’, true );
And ALWAYS put it BEFORE the line that says “That’s it, stop editing!”
WPBeginner Support
Hi Renato,
You probably didn’t notice that the add_filter method clearly says that the code needs to go into functions.php file or a site-specific plugin.
Yönetici
George Applebee
My horror story was about falling for the concept that backing up my website would protect me from a WP major upgrade.
After manually upgrading my site with a major upgrade, the site broke, so i went to my favorite save my *ss backup software Updraft plus, only to find that the WP upgrade changed the database structure and file names. The backup was worthless because the database couldn’t be overwritten.
Arghh! I had to find an older version of WP and start from scratch with a new DB and WP install. I could then use my backup software to get my client’s website back by installing the plugin. Be aware, WP upgrades can totally change the database structure!
pabster
After months of having auto updates totally disabled with the ‘WP_AUTO_UPDATE_CORE’ false tweak, my WP has managed to auto update on its own!! I was in 3.9 and now all of a sudden I’m in 4.2.2. How’s that possible? Do those folks still have some secret, hidden ace under the sleeve for forcing auto update on people like me?
WPBeginner Support
Sometimes web hosts auto update out-dated software on their servers. Contact your hosting provider.
Yönetici
pabster
I’ve contacted them. They didn’t update it.
Eoin
My website also auto updated even though I have the snippet in the code to prevent it.???
The hosting company didn’t do it either.
Any ideas?
Una
I hate automatic Wordpress updates. The last one broke my theme.
So thank you so much for the way to diable this.
J Man
I wonder who had this rather crazy idea in the first place…
pabster
It’s a totally commercial thing. Nothing really much to do with “security” and that kind of mantra. We’re in a capitalistic world, and everything is ruled by money. Even “free” software is.
nathi
Updating automatically is a no go for me, alot of customization is in place and needs to be measured against new wordpress versions before proceeding to update-definitely will use this Code. Thanx
Gadi
Is the automatic update can make any crash with the template version ?
grisales
Of course it can happen!
When you download a theme you should check which WP Version is it compatible with.
Always keep on mind that you shouldn’t update the core although there is an update release available unless your plug-ins, and customizations have been tested to be compatible with the version you want to update to by you or the authors of such extensions.
Jan Fikar
For me, I hate when something si updated (rewrited) with no control or whatsoever. The might be not compatble plugin having all webpage killed.
Patrick Mercer
Just experienced an automatic update and even though it worked fine, I found this tip and turned off the auto updates as fast as I could. I hate it when something suddenly starts working different and I have to spend time trying to figure out why. I live my life at my pace, not yours.
ElDerecho
Automatic updates are a phenomenally bad idea for web applications. If they screw up the update (like MS has done with Windows updates a number of times), they will be potentially hosing millions of public sites that businesses rely on. Or worse, if the system is exploited, they’d be giving access to millions of servers to hackers, spammers, and who knows who else.
No to mention, its just plain dangerous to allow executable files (PHP in this case) to be writable by the web server.
Anyways, thanks for the post.
Agarwalls
Thanks very helpful for me.
gabriel
Thank you, this was really a pain
RobS
I agree this is a bad policy and they should create an on/off option in the General Settings. I want to update in a timely manner, but I have run into many situations where a plug-in doesn’t work with the latest WP upgrade. I usually have to wait until the plug-in dev fixes their plug-ins.
If WP could guarantee all plugins are upgraded to work with new updates before they deploy, then sure, it makes sense. But that will never happen in an open source world.
Rachel Ramey
For what it’s worth, my sites all DID auto-update through a major release. (3.7x to 3.8x and 3.8x to 3.9x)
Nicole Kavanagh
I totally agree with the Wordpress Automatic Updates.
As a business owner and selling wordpress extensions, our business model arrived just in time.
Long gone are the days when developers can sell extensions with a lifetime of Updates and Support, who in any business offers a service which is not payed for? It is just not viable or sustainable for any business.
The up keep for maintaining WordPress and e-commerce extensions to be compatible with newer versions is very demanding on any team.
This will really add a new dimension for the developers selling extensions that are not maintained. Usually the cheaper extensions, eventually you may find that these developers will not continue to sell their product.
We started out selling all of our products at a cost of $** offering 1 year of Updates and Support included in this price, any subsequent years thereafter require a new Licence key at a discounted price to continue to receive: Activation, Updates and Support.
The Wordpress automatic updates make sense to us, this is our business and maintaining all of our extensions is what we do.
It does take a lot of time and testing, and then of course the product information, product descriptions, product screen casts, product documentation all needs to be updated as well.
There may be some clients that never updated their Wordpress, e-commerce extensions, and eventually something will break.
But then there are also the clients that update their extensions the minute there is a notification there is an Update.
If all developers are in the same boat with maintaining their code to suit any new versions, it is a level playing field l agree with.
Nicole from Extension Works.
Mac Gyver
Nicole, you are so wrong that I don’t know where to begin.
First, I did not authorize Yoast to change my update settings, and I’m mad as H__L.
Second, the rule is NEVER EVER UPDATE BEFORE DOING A WEBSITE BACKUP. When websites do auto update that safety feature is precluded.
Third, the clumsy auto loading of the WP updates has somehow knocked one of my non-wordpress sites off the internet – Google says:
“If you are the owner of this web site you have not uploaded (or incorrectly uploaded) your web site. For information on uploading your web site using FTP client software or web design software, click here for FTP Upload Information.”
That is my oldest website, not wordpress, and the “update hack” that Yoast installed without my permission caused this and more. I have not changed any configuration on the affected website; the auto WP updates to a subdomain of that primary domain caused this.
Now I have to waste time I had already scheduled to get GoDaddy techs to get my servers straight.
Believe me, when I finish that task I’ll get Yoast’s attention on social media.
Edit: There were not one but TWO of my 6 websites knocked offline by the ill-conceived “hack” by Yoast. If you listen closely you can hear me sizzle.
Orangorangan
Thanks for the snippet! i just tought my web has been updated by someone else, freak me out! haha
Mohsin Alam
I want to disable only themes update, not full core update. How to do that? Thanks
WPBeginner Support
Mohsin, a better strategy is to create a child theme and make all your changes in the child theme. But if you must stop your theme update, then you can do that by editing the theme header in the style.css file.
Yönetici
anon
Ha! i thought the client had updated the site so i disabled ftp just to find out it’s Wordpress default. LOL!
Never have I heard such a stupid idea in all my time as a developer! How did that get passed – is there an online thread discussing this stupid idea?
CoolStory
You should probably stop using blogging software to build a client’s website then
Dan
If you think WordPress can only be used for blogs you haven’t been paying attention.
Christina
Well, I had a site update to 3.8.2 automatically yesterday and when I went to work this morning, the site’s homepage was broken.
I use genesis framework and a child theme, so I have not edited the core. The site was almost ready to go live, and now I can only hope genesis can help me fix it.
I have a backup, but reallllllly don’t need the hassle of that, especially as it was taken a few days ago.
I will definitely be turning off automatic updates and think they are a terrible idea. Too many variables between plugins and theme conflicts to trust something without taking an immediate backup prior to updating. :O(
Javier
Ok, but what if a hacker takes control over the wordpress server for updates and then push a malicious update?? Half of the websites of the world down, the biggest DoS ever or every server infected with malware. IM FREAKING OUT!!
WPBeginner Support
No automatic updates are quite safe.
Yönetici
Joanna Benson
The automatic updates are a bad idea. What about plug-in compatibility issues?! I like to be sure that the principal plug-ins that I use on my website are compatible with the latest version of Wordpress BEFORE Wordpress is updated. Finding out AFTER when a plug-in breaks my site because it isn’t yet compatible with the latest version of Wordpress is a headache that I don’t need. The fact that Wordpress wouldn’t have thought about this before implementing the automatic updates is quite surprising!
Christian
I agree! Qtranslate, for example, is a pain as it is coded with the latest wp version number written into the code …
Mark
I am very wary of installing plugins unless I absolutely need them.
Plus I always check with the theme developer about conflicting plugins… I’ve had some bad experiences.
I recommend only using premium plugins because of support and updates
Nicole
I would disable automatic updates because sometimes Wordpress updates because a lot of the time it breaks functionality or messes up the layout on the site. This happens when I’m using a theme that doesn’t work with the new version of Wordpress, or if my site is integrated with the Yii Framework (PHP MVC architecture). It’s better if i’m able to test out the update on a test site instead of the live site automatically updating.
Thanks for the information on how to disable!
Todd Nagel
Thank you for this, I manage quite a few wordpress sites, not everyone has the budget to be where they would like to be at all times, not all the sites have the ‘best’ of code, some are way old so are using older plugins, lots of things can go wrong in an update..
Wordpress adding this in without ‘warning’ really is kind of wrong in my opinion.
and my manual update to 3.8 the other day broke a website because the contact form 7 extra plugin for ‘uplicate confirm email’ is outdated..
as long as you stay within a few updates, your going to be pretty secure, and we always do it on a ‘dev’ folder first..
T
Mel Brady
The last update ruined my good working product. It took a couple days to repair. Is this going to happen on all wordpress updates. I’ve got more to do then fixing my site.
Sharon J
i don’t like automatic updates because I would rather wait in case there are bugs. Also, if there is a problem I have 80-100 customers. What if there is a problem on ALL those sites? I am going to disable automatic updates on my site and on future sites for sure.
Jocelyn Wing
I’m with you Sharon. It’s a disaster waiting to happen. That’s why I am here because I have a client who noticed and complained about why his website look keeps changing.
Thanks to WordPress community for making the software more secure.
Thanks for the advice here.
Arend
I think I have enough off those peoples who think any non technical computer-user is a moron
I think that the sheer arrogance of the Wordpress developers is something I don’t want
to deal with any longer, so after 6 years of happy using it’s goodbye to Wordpress….
and on the look-out for a new Cms sytem without developers trying to make my decisions
Eni
Agree.
Something pretty strange is going on over the Internet. From G, FB,WP…hosting companies…, “security” softwares….., open source browsers and other software we need to use the Internet….seems like everyone is hurrying over each other to make our life “easier” and “safer” by full beg of automatic updates and other “services” running “on our behalf”, with little or no control on our side what’s going on and what’s being done.
Automation like that very likely may destroy peoples long-years efforts results in a second,
without anyone being responsible for such effect.
Coz’ things are complicated and not synchronized to the point that in most cases you would need to spend months if not years to locate where problem(s) arouse from .I doubt anyone of us could deal with such situation. Anyone using WP knows that you need at list 10-20 plugins to make it work per your essential needs. And just coping with plugins and WP updates none of them synchronized with each other, costs you too much time, nerves and energy. Seems like we should be occupied only by doing that.
Makes no sense.
Not good.
JOhnne
Of course it makes sense, it is totally necessary automatic browser updates or we would be stucked in the old ie 6/7 until now with all kind of old css support. You can be angry, but all developpers are thankfull for browser updates, it’s the way microsoft should have done long time ago and we wouldn’t have this crap ie 6 / 7 / 8 versions running until now. We have a major delay in web creativity and innovation today becouse of this, and we are slowing getting of this cenario!
Umm No
Brought a site down today with the 3.8.1, didn’t even know this would happen. turned it off on all other sites. Won’t allow that to happen again. Update on a friday so I can spend my weekend cleaning up the mess they make. and then delete all threads started on wp support about broken sites. Seems like they don’t want people to know they break sites and leave it for you to clean up the mass
Barbara
My two cents: Automatic updates seem to always happen to me at the most inconvenient time. That’s reason enough to turn them off. Thanks for the article!
Glen
I have been a WordPress user since 2007, and since added 3 more websites using WP. I have always updated my own sites when new versions of WP became available. When learning about updates back in 2007 I recall that specific and important instructions were given that all plugins must be disabled before updating to a new version of WP. Therefore, I’ve always done that. Now, with the automatic update for minor versions, my sites are being automatically updated. Does that mean they disable the plugins? If not, what has changed that plugins no longer need to be disabled? I’m a little nervous about this.
WPBeginner Support
Glen, there is no need to worry about that. During the update, WordPress puts your site in maintenance mood which is just like disabling plugins. It then updates your site and then turns off maintenance mood.
Yönetici
Glen
Thanks a whole bunch, support. I probably should have known that. You’ve certainly put me at ease over this. My previous concerns have gone out the window. Again, thank you.
where to add the code?
you say what file to add it to. where to we add it in that file? my config file has lots of stuff in it that I dont want to mess up. where do I paste the code in that file? need more info please.
Brian
I have two websites that were totally broken last time the updates took place. I have changed core files on http://pizzaspotz.com and http://gotinterviews.com. I am very inexperienced at making child themes. I just don’t seem to be able to do it. Just call me ignorant. But I wonder if I create child themes one day, I could then go ahead and enable automatic updates on these two sites and the auto updates will no longer break the sites.
WPBeginner Support
Brian yes this is why child themes are recommended.
Yönetici
Brian Humek
Just had to visit your site again today to double check how to disable these updates. I saw WP had updated some of my sites and I guess I’m forgetting a lot these days. I double checked and found my two sites which were messed up in the last update were indeed disabled.
Again, kudos to your easy tutorial.
Nathan
Will adding this line of code into my configuration file help multi-site installations? I need clarification / verification before running that.
WPBeginner Support
Yes
Yönetici
Paul G.
Hey guys,
I thought I’d let you know of an addition we’ve made to our plugin which lets you completely customize most of the WordPress Automatic Updates for your sites.
You’ll find it under the “Auto Updates” section of the WordPress Simple Firewall ( http://wordpress.org/plugins/wp-simple-firewall/ )
Hope you like!
Paul.
Barbarella a.k.a. The Mad Cat Lady
Not happy with being “forced” to have automatic updates without the option of turning them off. Even though I know how to put this code into wp-config.php, other people might not have a clue, and I think we should at least be given an on/off switch in the dashboard where we could have the choice to disable automatic updates if we wanted to.
Thanks for this snippet of code though. I will apply it to all my sites now (and I have a LOT of WP sites!).
Rachel Ramey
I absolutely agree. The Wordpress user documents themselves specify to ALWAYS BACK UP before updating, and now we don’t have that option because our sites update themselves without asking our permission. And you have to hack the code to turn it off. That’s ridiculous and utterly FOOLISH!
If they’re going to make this a default, then I’m with you – there needs to be an “off” switch or checkbox in the settings.
Patty Ayers
Syed, I’m wondering why the code you provide here seems to be strongly discouraged by Andrew Nacin in this post: http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7/
“The constant AUTOMATIC_UPDATER_DISABLED can be used to disable the automatic updater entirely. It’s like DISALLOW_FILE_MODS — no changes allowed at all — but it’s specific to the auto updater.
Don’t use this to block only core updates! You’ll also be blocking a lot of other functionality. You won’t get translation updates (language packs) for core, themes, and plugins. You won’t receive update notifications sent via email to alert you of new WordPress releases. It also disables all opportunity for fine-grained control.”
Or am I (likely) misunderstanding something?
WPBeginner Support
Thanks Patty for pointing this out. We have updated the article.
Yönetici
Erni
Are you sure that the code with “true” is right, or is this a mistake and you’ve to add “false” to the code to disable the updates?
For my self I want to update wordpress alone, without any background updates. It would be cool if you’ve an option to decide yourself to deactivate automatic updates.
WPBeginner Support
This is what we are trying to do in this article.
Yönetici
Erni
Thank you. Sorry my fault I read something different.
Jenny
Thank for this tip, I always prefer to test the compatibility of a new version with plugins installed before using it in production
adolf witzeling
Thank you for posting this quick tip. I just installed WP 3.7 and although I DO want to run the latest version, I still want to be in control in regard to updates-it just makes me nervous something changing without me being aware of, because if something goes wrong after I make a change at least I have a good idea where to start troubleshooting. I recently installed a plug-in updater (which supposed to automatically update my plug-ins) and all I was left with was a blank screen!!. Took me (bloody beginner) a while to get it back up and running. The plug-ins weren’t the problem the updater was, by ignoring some of the installed versions [i.e. 2.3.1 and ignoring the third digit -the (.1)] Don’t wanna go through that shit again.
Cam
@ Henk – For the most part i agree with you, however there are situations in which automatic updates may not be desirable. In my own case I disabled auto updates a while back due to the fact that I have my own system of checks and balances in place. I think that for those users who are vigilant about updating and maintaining their sites, auto-updates are less important than they would be for most users.
Elizabeth
I was horrified after upgrading to 3.7 to see the notice that updates would be automatic. Thank you for posting this fix. I’m still struggling with learning how to use the theme functions file so still have a number of changes to the core files. I know it’s ill-advised but all the changes I’ve made are cosmetic….
Christopher Simmons
Also worth noting, on some installs the permissions may not allow for WP to do *any* updates if the system was installed through an RPM via something like Plesk/Parallels where the folders are “owned” by Apache; these sometimes need to be manually upgraded as any update will fail and possibly break both core and plugins (if WP tries to update plugins also).
Christopher Simmons
Ah. Update: turns out on sites with special permissions/security, WP cleverly will show this banner after 3.7 upgrade:
This site is not able to apply these updates automatically. But we’ll email [adminemail] when there is a new security release
Viktoria Michaelis
A dashboard link to disable or enable would have been a far better solution than having to update a line of code.
Russell Cohen
Yes, that sounds like a much more sensible solution!
ultimatrompeta
You’re right about that. Imagine me, I have to edit 20 websites config file!
Keith Davis
Hi Guys
I was taught to disable all plugins before and upgrade and reactivate after upgrade – don’t people do that any more?
Good to know that it can be disabled and thanks for showing how.
Curt
I’ve been a ( paranoid ) systems administrator for some decades now, and one thing I’ve learned ( Micro$oft taught me very well ) is to NEVER, ever, under ANY circumstances, EVER enable auto-update of anything !
Run it in a sandbox test environment first, to make sure someone’s idea of an “improvement” doesn’t fatally break something you depend on.
I’ll be adding that line for now, but I am SO with Ann-Marie above.
A plug-in autoupdate disabler patch right now, and a configurable option in the core ASAP if not sooner.
Curt
And, I’ve just discovered this update DID break a depended on function in .htaccess, by completely replacing my finely tuned config without making a backup.
Good thing I’d learned this long ago, and make my own backups as *I* see fit.
ann-marie
I am hoping someone comes up with a plugin to stop auto updates.
I am not confident about adding that line of code.
I have 12 wordpress.org sites.
Himanshu G
Yupp!
you are right sometimes we are required to make changes to wordpress core files and we don’t want automatic updates as they can remove those changes done…
I was also interested in knowing that will this feature gonna automatically update plugins and themes also or just the wordpress install (as if we do not makes changes in WordPress than let it be updated automatically…)
suneel
great info…
Thank U
Angelika
You rock! Thank you for your awesome posts! This is very appreciated.
Henk
Do NOT disable automatic updates. They exist for a reason!!
It’s a 1000 times better to have the slight possibility of your site breaking due to an update than have a serious possibility of it being hacked.
Silver
Henk, it depends. When this WP project is business critical then this is bad when this automatic update takes site surprisingly down.
Those project needs attention and those can updated by manual and when errors occurs then you can immidietly make needed corrections …
But when this is some personal blog or something similar then this is good
Kevin Edwards
@Henk,
“It’s a 1000 times better to have the slight possibility of your site breaking due to an update”
For some of us it’s not a slight possibility, but rather a 100% guarantee that an update is going to break the site. I manage several sites that break on updates due to WordPress changing the way it handles enclosures and a necessity to edit functions.php after each update to avoid enclosures from being auto-deleted from my posts.
By disabling auto-update, I can still update in a timely fashion, without worry that at any random time my sites will just break.
Katie
@Kevin – we’re having a problem with the enclosure update, too. What did you add to your functions file to keep these from being auto deleted? Thank you
Eni
Would like to know this as well.
Also
#1
do we need to add additional codes to wp-config.php to prevent auto-updates for theme and all plugins ?
…………….
I’m referring to:
“…The previous configuration options are all-or-nothing. You may, however, want something more fine-grained. The auto_update_$type filter (auto_update_core, auto_update_plugin, auto_update_theme, auto_update_translation) is fired for specific updates…”
http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7/
…………………..
May I add lines:
define( ‘WP_AUTO_UPDATE_THEME’, false );
define( ‘WP_AUTO_UPDATE_PLUGIN’, false );
do disable theme and plugins auto-updates ???
#2
I’ve created a child theme, so could I somehow include those codes in my child theme’s files
(functions.php ???)
so they don’t get overwritten forcing me to write them all over again with every next WP update??
Any input would be much appreciated, thanks
Andy
Sure, if you are just running a blog or whatever like the average WordPress user then it makes sense to have automatic upgrades because WordPress is notoriously insecure due to the large amount of outdated code people are running on their sites.
However, automatic updates are an absolute no no in large businesses to enterprise companies where there is a team of devs doing regular maintenance. Everything needs to be version controlled and tested.
I work most often with Drupal and one of the great things they do is separate security updates from other updates, so there is less chance of breaking your site but also a higher level of security. WordPress on the other hand just lumps in security updates with regular updates.