Delivering the “Managed” part of Managed WordPress Hosting Kristoper LagraffOctober 11, 2013March 7, 2019 WordPress 3.7 is around the corner and the core team is putting much effort into auto-upgrades of core with the ability to also auto-upgrade plugins. Here at Pagely we have been managing WordPress and plugin upgrades for our clients for years. The primary difference between what we do and what the new WordPress core system does can be explained by understanding the difference between Unattended and Managed upgrades.Unattended UpgradesThere is a lot of discussion about the new unattended WordPress auto updates, whether it’s a benefit or hindrance. Automatically upgrading WordPress point releases (example: 3.6.1 to 3.6.2) will most likely prove to be a very beneficial addition to the project overall. Point releases are typically just security fixes and will not change or modify how your site works on the surface. This overall is a good thing for the average user. Corporate or Power users who have customized their installs may be wary of this. Unattended upgrades happen automatically with no action taken by the user.WordPress 3.7 will also have the ability to auto-upgrade plugins. It will be a config setting the user has to turn on first for it to work. Plugins are the real powerhouses of WordPress adding all the bells and whistles users have come to rely on. Rarely a plugin author commits an update that is buggy. Because plugin updates are currently a user initiated action, the plugin may be fixed and a new version available before too many people are affected. The problem with unattended plugin upgrades arise in the case where the buggy plugin is updated automatically across many WordPress instances and it breaks all those sites. Users are left waiting for the author to realize there is a problem, then to correct the problem, and then having to wait for the fix to propagate out. Worst case scenario: thousands, even millions of sites using that plugin are broken until the plugin is next auto-upgraded to a working version.Managed UpgradesManaged upgrades, which were pioneered here at Pagely, are attended upgrades we push to all our client sites and one of the most valuable assets of our managed hosting platform. We upgrade plugins on every site, every day. However we don’t just cross our fingers and hope it works. Our system is intelligently designed to alert us if there is a problem with a site after we push an upgrade. We have successfully deployed over 8 million plugin updates in this manner.Example: Today, Arconix FAQ rolled out version 1.3.1 which unfortunately does contain a syntax error that causes the horrible “white screen of death”. Our first report came in at 6:33am MST a few minutes after our system upgraded the first site. After diagnosing the issue and linking the problem to the plugin, the customer success team at Pagely leapt into action. We were able to quickly compile a list of everyone using the plugin and roll out the fix before most people finished their breakfast. We alerted the plugin author and were informed their update would be pushed up to the WordPress repo that evening, if you needed the fix in the meantime the author has been kind enough to make it available here. If you’re already hosted with us, no worries we’ve got you covered.Bigger Example: On a much larger scale we saw a similar issue a few weeks back with the Nextgen gallery plugin. This plugin is used by millions of websites globally and a large percentage of sites here at Pagely. Again our managed WordPress plugin update process alerted us to issues (this time database performance) and we took measures to correct it: Patching the plugin, and announcing our fix 19 hours before others in our space began to discuss it publicly.Our Ops team patched the plugin system wide and corrected the root cause. We eventually chose to roll the plugin back to a working version system wide and keep it there, preventing future updates until we feel the plugin is stable again.But wait there’s more. The nature of the problem with the Nextgen gallery plugin bug was the repeated insert into the database of a massive query. Stopping the inserts were part 1 of the fix. We were then faced with many sites with huge amounts of needless data in their wp_options table (which is loaded on every request) that was killing performance of the site. Part 2 of our fix was to actually clean these tables on every affected site to bring them back to pre-buggy-plugin levels of performance. We shared the need to cleanup the database afterwards with the community via the support forums and closed the book on this one.Like this content? Meet Pagely.This is where the Managed part of what we do comes in to focus. If these updates were unattended, users would be in a bind. Their site would be broken, with no idea why or how to fix, and left waiting for the plugin author to correct it. Instead our users did nothing but continue operating their sites as normal while we did all the research and heavy lifting behind the scenes.Automatic Upgrades can work. Managed Upgrades are your safety net.In most cases core and plugins can be updated freely without issue and the new system in 3.7 will work just fine for many, many people. In the rare cases when there is an issue, like we described above, it pays to have someone looking out for you. Pagely pioneered Managed WordPress hosting years ago and we continue to refine our service to meet the needs of a changing landscape. Our system will disable the auto-upgrade mechanisms in WordPress 3.7 and continue to use a mix of our automated tools and human intelligence to make sure your WordPress site is running as smooth as possible at all times.October 11, 2013March 7, 2019 Pagely News hosting how to managed plugin security support wordpress Author Kristoper Lagraff Kris is the Customer Success director at Pagely and part time fashion model. Recently married and living in Denver, CO. Kris oversees all support for Pagely. 3 Comments Cancel reply Comment:Name * Email *Save my name, email, and website in this browser for the next time I comment. Pothi Oct-11-2013 Amazed to know what difference you make behind the scenes. NextGen incident is a classic example! Reply Petroski Oct-11-2013 Upgrading plugins immediately just because there is an upgrade available is living on the bleeding edge, don’t you think? We also provide managed core and plugin updates for our clients, but prefer to wait “until the dust settles” and we see that any issues are resolved prior to exposing our clients to possible downtime. That’s the difference between managed updates and “auto-managed” updates. Reply Joshua Strebel Oct-11-2013 We agree, it’s a case by case thing. Some plugins we have flagged to hold back, others we allow to upgrade 0 day. We essentially have a trusted and ‘suspect’ list.