Archive for November, 2009

The importance of updating WordPress: Defending your blog castle from raiders

November 25th, 2009

There comes a time in every self-hosted WordPress blogger’s life when they will see this:

[Image: wp-update-01]

WordPress updates are like dentist appointments and oil changes, annoying yet necessary. You’ll get cavities and car problems if you don’t get checkups, and you’ll endanger the health of your blog if you don’t update WordPress.

Why do I need to update?

Think of your blog as a castle you need to defend. Inside the tower are all your precious blog entries. Outside the stone walls is an army of hackers, spammers, and other nasty people who at any time might launch an attack on your blog. The developers of WordPress know about your enemies, so they’ve built defenses like moats and drawbridges to keep them out.

Despite these obstacles, occasionally a hacker finds a weakness in your defenses and breaks into the castle. They might find a loose stone in the wall or find a way to dig under the castle into the courtyard. You can defend your blog from 99 different types of attacks, but it only takes that one hundredth unprotected way to allow someone to break through.

The developers of WordPress don’t just hang around the great hall eating slain deer. When they become aware of a new type of attack, they patch the vulnerability in their software and issue a new release. That’s when you get the message on your dashboard asking you to update. If you ignore it, you are making your blog more vulnerable to attacks.

Different types of updates

Each WordPress update has a release number, like 2.8 or 2.8.2. These numbers give you information about how major the update is, as well as give the developers a way to track what changes were made in which releases. The farther the number is to the left, the more serious the update is.

If the first number has changed, like from 1.0 to 2.0, this indicates a major change in the software. The developers might have rewritten major parts of the code or restructured how it works internally. This type of update can sometimes be tricky to handle since it usually involves updating your database or the way your files are structured. You should back up your blog before any update, but especially before this type of update.

The second number, or rather the first number after the dot, refers to a less major, yet still significant update to the software. It indicates that there have probably been some minor bugs fixed or a few small features added. You’re less likely to have problems when doing this type of update.

The third number, or the number after the second dot, refers to a small change in the software. This type of update is usually only released when a bug or security vulnerability needs to be fixed right away. Otherwise, they would wait to include the changes in one of the other types of updates.

Back up your files

You should always back up your WordPress blog before initiating an update, just in case something goes wrong. You can do this several different ways.

cPanel
If your host uses cPanel, you can create a backup through that interface by going to http://yoursite.com/cpanel and entering your username and password. There is an icon titled “Backups” that you can click to guide you through the backup process. Make a full site backup and download it to your computer. Also, open the file after you’ve downloaded it to make sure you have everything.

[Image: wp-update-02]

WordPress Plugins
If you don’t have cPanel, there are two WordPress plugins available that will create backups of your site. The WP-DB-Backup plugin backs up your database. Your database contains all the entries, comments, and other settings related to your blog. However, it does not include any images you have uploaded or any of your site’s themes or plugins. The WordPress Backup plugin saves copies of these files for you. You can have the backups emailed to you, or store them in a zip file on your server. Please note, if your web host’s server breaks down, you won’t be able to access any backups stored there. For that reason, it’s always wise to retain a copy on your local computer.

FTP backup
If neither of the options above is available to you, you can log into your site via FTP and download your blog directory to your computer. It’s slow and not the most efficient method, but it will suffice. If you don’t know what FTP is, you shouldn’t be backing up your blog this way anyway.
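Whichever method you use, the “open the file to make sure you have everything” step can be scripted. The following is an added example, not part of the original post or of any plugin mentioned above: it assumes a standard WordPress directory layout and a database dump ending in .sql or .sql.gz, and the sample archive it builds is constructed.

```python
import io
import tarfile
import zipfile

# Path fragments a complete backup should contain. Assumed layout: a standard
# WordPress install; whatever prefix the archive adds in front is ignored.
REQUIRED = {
    "config": "wp-config.php",
    "themes": "wp-content/themes/",
    "plugins": "wp-content/plugins/",
    "uploads": "wp-content/uploads/",
}

def list_members(data: bytes):
    """Return (name, size) for every entry of a zip or tar(.gz) archive."""
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        buf.seek(0)
        with zipfile.ZipFile(buf) as z:
            return [(i.filename, i.file_size) for i in z.infolist()]
    buf.seek(0)
    with tarfile.open(fileobj=buf, mode="r:*") as t:
        return [(m.name, m.size) for m in t.getmembers()]

def missing_parts(data: bytes):
    """List which parts of the blog are absent (or empty) in the backup."""
    files = [name for name, size in list_members(data) if size > 0]
    missing = [label for label, frag in REQUIRED.items()
               if not any(frag in name for name in files)]
    # The database (entries, comments, settings) arrives as an SQL dump.
    if not any(n.endswith((".sql", ".sql.gz")) for n in files):
        missing.append("database")
    return missing

def build_sample(contents: dict) -> bytes:
    """Constructed test input: an in-memory tar.gz made from {path: bytes}."""
    out = io.BytesIO()
    with tarfile.open(fileobj=out, mode="w:gz") as t:
        for path, body in contents.items():
            info = tarfile.TarInfo(path)
            info.size = len(body)
            t.addfile(info, io.BytesIO(body))
    return out.getvalue()

if __name__ == "__main__":
    partial = build_sample({"site/wp-config.php": b"<?php",
                            "site/wp-content/themes/a/style.css": b"x"})
    print(missing_parts(partial))
```

An empty result from `missing_parts` means every part was found; it does not prove the backup can be restored.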

Updating WordPress

Ever since WordPress 2.7, it has become very easy to update your site. Log into your WordPress dashboard and go to Tools -> Upgrade. You should then see this screen:

[Image: wp-update-03]

Click on “Upgrade automatically” and you’ll see a screen where you’ll have to enter your web host login information. After you’ve entered this information the first time, it will be saved and you’ll automatically be sent to the next screen, which alerts you that WordPress has been updated. That’s it! It’s easier than flossing.

If you are upgrading from a version of WordPress earlier than 2.7, you will have to update your installation manually. Unless you are technically inclined and are 100% sure you have a backup, this is best left to a professional.

Backups are great. Knowing how to use them is better.

Let’s say the worst happens and for some reason your WordPress upgrade goes horribly, horribly wrong. Good thing you made that backup! However, if you don’t know how to restore your blog using the backup, it’s not much use to you. Restoring a site can be complicated and is probably a task better left to your web developer.

Please update!

It is up to you whether you update WordPress or not, but ask yourself, how valuable is your blog? If a hacker were able to infiltrate and delete everything, would you be able to brush it off or would you be brokenhearted? If it’s the latter, keep up with the updates. It doesn’t hurt to floss either.

WordPress blog exports made easier with this text splitter, xml splitter and large MySQL server dump script

November 22nd, 2009

A client of mine has been blogging for over five years, leaving her with an extensive set of archives. We needed to move her blog to a new host, so I tried exporting her archives, both as a MySQL database dump and as a WordPress XML file export. Unfortunately, the size of the files made them rather unwieldy. When I tried importing the database dump through phpMyAdmin, the page would time out before the export was complete. When I used the blog importing tool in WordPress, it would time out before it had parsed the entire file. When I tried opening the files in a standard text editor like Notepad or my preferred editor, eTextEditor, to break the files into smaller pieces, the software would crash or lock up because it couldn’t handle loading all of that information into its temporary memory.

After some Googling, I found a few tools that allowed me to break up the files into smaller pieces and easily import the information. If you find yourself in a similar situation, I hope you find them helpful.

WordPress Splitter

WordPress Splitter is a Windows program written by Ian Cull, a Mini car enthusiast, who is also rather handy with Visual Basic 6. The WordPress Splitter allows you to take the XML file created with the WordPress export tool and break it into several smaller XML files. WordPress Splitter inserts all the appropriate header information at the beginning of each file. You can also specify how large you want the split files to be.

Updated 9/28/11 – There’s now a new version of WordPress Splitter with an easier-to-use interface.
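To show what splitting an export with the header repeated in each file involves, here is an added example; it is not Ian Cull's WordPress Splitter or code from the original post. It assumes each post is a plain `<item>…</item>` element and that the text `</item>` never appears inside post content; the function names and the sample export are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ITEM_RE = re.compile(r"<item>.*?</item>", re.DOTALL)

def split_wxr(xml_text: str, max_bytes: int) -> list:
    """Split a WordPress export into pieces of at most max_bytes each
    (a single oversized post still gets a piece of its own)."""
    items = ITEM_RE.findall(xml_text)
    if not items:
        return [xml_text]
    # Everything before the first post and after the last one is repeated in
    # every piece, so each piece is a complete export file on its own.
    header = xml_text[:xml_text.index("<item>")]
    footer = xml_text[xml_text.rindex("</item>") + len("</item>"):]
    overhead = len((header + footer).encode("utf-8"))
    pieces, current, size = [], [], 0
    for item in items:
        n = len(item.encode("utf-8")) + 1  # +1 for the joining newline
        if current and overhead + size + n > max_bytes:
            pieces.append(header + "\n".join(current) + footer)
            current, size = [], 0
        current.append(item)
        size += n
    pieces.append(header + "\n".join(current) + footer)
    return pieces

def count_items(piece: str) -> int:
    """Parse a piece (raises ParseError if it is not well-formed XML)."""
    return len(list(ET.fromstring(piece.encode("utf-8")).iter("item")))

def sample_export(n: int) -> str:
    """Constructed sample export with n posts, not a real blog's data."""
    posts = "\n".join(
        f"<item><title>Post {i}</title><wp:post_id>{i}</wp:post_id></item>"
        for i in range(1, n + 1))
    return ('<?xml version="1.0" encoding="UTF-8"?>\n'
            '<rss version="2.0" xmlns:wp="http://wordpress.org/export/1.0/">\n'
            f"<channel><title>Constructed blog</title>\n{posts}\n"
            "</channel></rss>\n")

if __name__ == "__main__":
    for piece in split_wxr(sample_export(5), max_bytes=350):
        print(count_items(piece), len(piece.encode("utf-8")))
```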

Text File Cleaver

Text File Cleaver takes a sharp knife to your text files and cuts them into smaller files, each with the same number of rows that you can specify. Small and simple, it broke up the MySQL dump so I could open the files in my text editor and get a look at what was inside it.

Big Dump

It’s got a suggestive name, but Big Dump is a great script that allows you to overcome the timeout problems encountered when you try importing a “big dump” via phpMyAdmin. First, you upload your large MySQL file to your server, then you configure the correct settings in the Big Dump PHP script. Ta da! Just run the script and your database will be imported. Be sure to remove the script and the server dump from your server when you’re done.