I immediately got in touch with the support team for her hosting company. These are the times when learn if you made a wise hosting decision, because no one wants to be left hanging when their site is down. I got in touch with a representative right away as I always have with Quality Host Online, which is why they’re one of my preferred hosting companies. It turns out they’d shut down the account because a script had sent a flurry of emails all at once. They assumed someone had hacked the account and was sending out spam.

I had a clue they didn’t though. Stephanie was particularly stressed because she’d just tweeted a link to a giveaway she was hosting on the site. You entered by posting a comment. WordPress automatically sends Stephanie an email notification when someone comments. Stephanie has a large Internet following, so hundreds of people were commenting at once, causing the blogging software to send 400+ emails in a matter of minutes. The hosting company assumed this was spam and shut down the site.

I explained what was going on and got Quality Host Online to turn the site back on, after which I immediately logged into WordPress and turned off the email notifications under Settings -> Discussion. Problem solved, all within 45 minutes.

The site crash was both good and bad. Bad because the site went down, obviously. But it was good to know that the hosting company monitors security issues like this and will be sure to shut down the site quickly if it ever does get hacked. You want to be alerted to a security breech as soon as it happens so you can minimize the damage. I’m glad to know Quality Host Online is on top of that. Now I also know to tell a client to turn of email notifications if they expect a flurry of comments to be submitted all at once.

WordPress updates are like dentist appointments and oil changes, annoying yet necessary. You’ll get cavities and car problems if you don’t get checkups, and you’ll endanger the health of your blog if you don’t update WordPress.

Why do I need to update?

Think of your blog as a castle you need to defend. Inside the tower are all your precious blog entries. Outside the stone walls is an army of hackers, spammers, and other nasty people who at any time might launch an attack on your blog. The developers of WordPress know about your enemies, so they’ve built defenses like moats and drawbridges to keep them out.

Despite these obstacles, occasionally a hacker finds a weakness in your defenses and breaks into the castle. They might find a lose stone in the wall or find a way to dig under the castle into the courtyard. You can defend you blog from 99 different types of attacks, but it only takes that one hundredth unprotected way to allow someone to break through.

The developers of WordPress don’t just hang around the great hall eating slain deer. When they become aware of a new type of attack, they patch the vulnerability in their software and issue a new release. That’s when you get the message on your dashboard asking you to update. If you ignore it, you are making your blog more vulnerable to attacks.

Different types of updates

Each WordPress update has a release number, like 2.8 or 2.8.2. These numbers give you information about how major the update is, as well as give the developers a way to track what changes were made in which releases. The farther the number is to the left, the more serious the update is.

If the first number has changed, like from 1.0 to 2.0, this indicates a major change in the software. The developers might have rewritten major parts of the code or restructured how it works internally. This type of update can sometimes be tricky to handle since it usually involves updating your database or the way your files are structured. You should back up your blog before any update, but especially before this type of update.

The second number, or rather the first number after the dot, refers to a less major, yet still significant update to the software. It indicates that there have probably been some minor bugs fixed or a few small features added. You’re less likely to have problems when doing this type of update.

The third number, or the number after the second dot, refers to a small change in the software. This type of update is usually only released when a bug or security vulnerability needs to be fixed right away. Otherwise, they would wait to include the changes in one of the other types of updates.

Backup your files

You should always backup your WordPress blog before initiating an update, just in case something goes wrong. You can do this several different ways.

CPanel
If your host uses CPanel, you can create a backup through that interface by going to http://yoursite.com/cpanel and entering your username and password. There is an icon titled “Backups” that you can click to guide you through the backup process. Make a full site backup and download it to your computer. Also, open the file after you’ve downloaded it to make sure you have everything.

WordPress Plugins
If you don’t have CPanel, there are two WordPress plugins available that will create backups of your site. The WP-DB-Backup plugin backs up your database. Your database contains all the entries, comments, and other settings related to your blog. However, it does not include any images you have uploaded or any of your site’s themes or plugins. The WordPress Backup plugin saves copies of these files for you. You can have the backups emailed to you, or store them in a zip file on your server. Please note, if your web host’s server breaks down, you won’t be able to access any backups stored there. For that reason, it’s always wise to retain a copy on your local computer.

FTP backup
If neither of the options above are available to you, you can log into your site via FTP and download your blog directory to your computer. It’s slow and not the most efficient method, but it will suffice. If you don’t know what FTP is, you shouldn’t be backing up your blog this way anyway.

Updating WordPress

Ever since WordPress 2.7, it has become very easy to update your site. Log into your WordPress dashboard and go to Tools -> Upgrade. You should then see this screen:

Click on “Upgrade automatically” and you’ll see a screen where you’ll have to enter your web host login information. After you’ve entered this information the first time, it will be saved and you’ll automatically be sent to the next screen, which alerts you that WordPress has been updated. That’s it! It’s easier than flossing.

If you are upgrading from a version of WordPress earlier than 2.7, you will have to update your installation manually. Unless you are technically inclined and are 100% sure you have a backup, this is best left to a professional.

Backups are great. Knowing how to use them is better.

Let’s say the worst happens and for some reason your WordPress upgrade goes, horribly, horribly, wrong. Good thing you made that backup! However, if you don’t know how to restore your blog using the backup, it’s not much use to you. Restoring a site can be complicated and is probably a task better left to your web developer.

Please update!

It is up to you whether your update WordPress or not, but ask yourself, how valuable is your blog? If a hacker were able to infiltrate and delete everything, would you be able to brush it off or would you be brokenhearted? If it’s the latter, keep up with the updates. It doesn’t hurt to floss either.