Auto Updates?

Thank you Marj,

MUCH appreciated.

One question, since this is a WP file, and not a theme file I can modify as a child, is it safe to assume that I’d have to add this line “/** Disable All Automatic Updates */” each time there IS an update?

?

The changes wo wp-config.php affect that installation. This file includes your database credentials and other important things that your site needs to function. The method I’m using and recommending will stay in effect, unless you remark that line out or remove it.

This line is a comment:
/** Disable All Automatic Updates */

This line is the function that disables automatic updates:
define( 'AUTOMATIC_UPDATER_DISABLED', true );

You only need to do this once to each site where you prefer to not have automatic updates.

I feel compelled to stress the importance of backing up the wp-config.php file, by either downloading it or copying it to a new file name on your cpanel. I use wp-config.php.bk01, for example. Make sure you are editing your file in a plain text editor.

I don’t mean to sound condescending by telling you what may be obvious to you. Let me know if you have more questions.

@marj Wyatt, to recap on your thread,

What do you want exactly, an option in the dashboard to disable automatic updates? Sorry, I’m just clarifying because a lot has been said.

IT IS NOT SAFE, IT F*CKED UP

I can’t edit any posts, dare not add a new one which I possibly can not save as a draft and then edit later on before publishing.

THANK YOU WORDPRESS

@vanhoesel, start up a thread in the troubleshooting forum: https://www.ads-software.com/support/forum/how-to-and-troubleshooting#postform

@andrew

I just opened a new thread like you suggested.

The reason I posted it here is to point out that unlike many try to explain here, quoting fore example @george Stephanis ?They are incredibly, incredibly safe? … auto-update is NOT SAFE

@andrew Nevins

What do you want exactly, an option in the dashboard to disable automatic updates?

That would be a good start with the default being “off” and, perhaps, an informative message that lets folks know the benefits so they can make a business decision about whether or not they want this feature enabled at their sites.

Thanks

Before 3.7 by default people did have the choice to update minor (and major) releases in WordPress, giving them an informative message to update. I don’t think that worked, as there were too many WordPress websites without fundamental security fixes.

Is your issue instead about developers? As in developers may have 50 sites automatically updating, causing massive stress?

*Does the hands timeout thing. Also drinks more coffee*

Guys? As this is Requests and Feedback section all I’m going to do is ask that you keep the comments constructive. Venting is therapeutic (to a point) but please do try and keep the topic positive. For most part that’s been the case, I’m just covering the bases. ??

Minor patch releases are automatic by default and as Marj Wyatt pointed out you can easily disable them. Major point releases (such as 3.9) will not be automatically updated.

Yes I know that the point of this thread is “Make WordPress default to no automatic updates” but users not updating their software has been a real problem for years. That’s the problem that minor point releases that are automatically updating is trying to address.

The 3.8.1 is a minor patch releases and as George Stephanis said they are safe. If the updated caused a problem and you need that problem fixed then please do start a support topic and provide details about what broke, what you’ve tried and what doesn’t work.

https://www.ads-software.com/support/forum/how-to-and-troubleshooting#postform

If something broke and it can be identified and fixed then that helps everyone and that issue can be shared.

If you want to vent then that’s OK and this is a Request and Feedback sub-forum.

But… minor point releases are well, minor. They should not break anything and if they do (and you need that fixed) then please really, seek help in your own support topic. It’s the best way to focus on fixing your immediate problem.

Hi Marj,

Thank you for clarifying.

I didn’t take what you said as I condescending at all. I understood that the 1st line was a comment and the 2nd the function, I wasn’t clear in my post. I also DO backup before most upgrades, and that’s yet another reason why I can’t afford automatic updates.

As Jan Dembowski pointed out, with any change there is ALWAYS a chance for an “If something were to break” situation that requires filing the problem with support AND waiting for them to address it. Since I backup each DB prior to ANY updates and I also cannot stop everything I am currently doing the second an update rolls out, I need time to prepare for that.

So, because there is the potential for those “if something breaks” situations, I do not always update immediately. When I have TIME, I check the forums to see if there are any major issues that need to be worked out – prior to doing so – BECAUSE I do have several sites to maintain and because I’m managing my time and working and can’t stop everything to start addressing problems and fixes and fixes that haven’t been addressed yet. (This applies to all updates for all products.)

Last, I think there’s potentially a point of view that isn’t or hasn’t been introduced into the thought process of the developers yet. This is JUST an example – I know of a site, that had WordPress developers build their blog in such a way, that any version updates will break their customizations. “I” KNOW this needs to be fixed on the site and I have also suggested it to the owner (someone that I do some work for) HOWEVER, they do not have the MONEY to throw at the issue yet. Many site owners do not design or developer their own sites – they PAY someone to – so IF they do not have the money to update and upgrade, their sites may not be up to version speed.

After having read the other thread about the security issues with the disparities in WP version on the internet – as a whole – and the potential for breaches to cross pollinate more internet problems – I understand the WP developers wanting to be proactive and alleviate internet issues – but what I don’t understand is this…

When did they become responsible for the security of the internet or the security of individual websites? They are a platform – but even if 20% of all sites are running WP, WP is not responsible for the security of the internet. Ultimately, individual website owners are responsible for their own sites. Security applications should be taking care of individuals browsing, sites and computers.

In a perfect world, one source for everything web and security would be great, but to my knowledge, that isn’t happening any time soon.

You all have violated one of the first rules of computer usage:

Never take control away from the user.

You did, and I am quite upset.

I do not care how “safe” the updates supposedly are. You have NOT tested every possible configuration of WordPress there can be. You will break someone’s site, albeit unintentionally, but broken nonetheless. I wonder, will you contribute your personal time to fixing what you then broke? Will you fix their damaged reputation?

I wonder, do you all think you can undo damage once it has been done? Can you all now magically go back in time and fix a problem you precipitated by your “helpful” feature so there is NO IMPACT?

I seriously doubt it.

The automatic update feature was implemented WITHOUT user permission, and without proper notification – which is an absolute No-No. (I’m sorry, but “read the release notes” is NOT proper notification to the user for such a significant change to the features of the software.)

This implementation, and the replies I read from the WordPress team, smack of arrogance, and a “know-it-all” attitude.

By the way, since when did the WordPress team decide they were God?

The more I think about this, the more upset I get at the utter presumption of such action.

pdavisnwa,

You know, I thought about that too. It was disconcerting that when we upgraded to 3.7, we unwittingly opened a door for WP to make changes to OUR sites without OUR permission. Minor or major, I don’t want that from anyone, anywhere and that was a bit underhanded, like the landlord snooping around and making changes in your home because he has the master keys.

@andrew Nevins

Before 3.7 by default people did have the choice to update minor (and major) releases in WordPress, giving them an informative message to update. I don’t think that worked, as there were too many WordPress websites without fundamental security fixes.

*emphasis mine

Since when did it become WordPress’ or your responsibility to insure that everyone’s site was “up to date?” Last time I checked, I paid for my server space and created my content. WordPress just provides an option for presenting it to the world.

Neither WordPress nor you are responsible for my site’s security: I AM. Why is that so difficult for you to figure out?

This change was done without proper notification or permission from site owners and maintainers.

1. There are now over 400 purchase of the “Disable Auto Update Patch”
I have had to hire 3 people to keep up with the orders.
There are hundreds of searches for “Disable Auto Update”

If you have one of those fake WP sites hosted by .com, then yes auto updates are out of your hands. And why would you complain? You’re getting everything for free! PLEASE!

Those who have Real Websites – SELF-HOST websites – should have an option as to update or not to update and to only update when we feel it is appropriate. We are PAYING for what we have. We have invested in our websites. Yes, the WP program may be free, but many pay for themes, plugins, and many have to pay for fixes from updates.

Maybe I shouldn’t complain, since I’m the one being paid to fix the WP mess after each update, but I am PAYING for my site, because I want to do with it as I please.