ManageWP managed websites updated to 4.9.4

Back in February the WordPress development team launched the 4.9.3 core update that broke the automatic update capability. With the new 4.9.5 maintenance release coming on April 3, we decided to help ManageWP users running 4.9.3 websites.

We will be updating all websites managed by ManageWP, that are on core version 4.9.3. Here’s why.

Why would you update my websites?

We know there will be security fixes coming soon. When that happens, anyone that auto-updated to 4.9.3 and got stuck will not receive them automatically like they had expected. Right now it means nothing to a user that they’re on 4.9.3 rather than 4.9.4, since the versions are basically identical. But once they all become vulnerable to exploits that are in the wild because they were fixed in 4.9.5, things change.

So here’s the question: you entrusted us to maintain your websites, keep your data safe and confidential. Does that give us the right to update a website on your behalf, knowing that we are doing this to make them more secure?

To answer this question, we reached out to 20 users with 4.9.3 websites, asking them why they haven’t updated. Their response was that they either weren’t aware of the update, or that were relying on the (broken) auto update capability.

We also looked at what other teams in the WordPress community were doing. Managed hosts updated the client websites within hours of the release. Other hosts and plugin developers (e.g. VaultPress, Yoast) have either forced the update, or urged the users to do it themselves.

That’s why we decided to wait as long as possible for you to do it on your own, and only auto update a week before 4.9.5.

Can this update break my website?

TL;DR: No.

Aaron Campbell, the WordPress Security Team Lead, walked us through the update.

The 4.9.3 -> 4.9.4 update changes 3 files, and only one of them has a remote chance of being customized:

The update is not coming near any of the important files that you potentially customized. This means that the failure rate is virtually zero.

wordpress update 4.9.4

When will you update my websites?

We have 23k websites to update. The updates will start on Wednesday, March 28, at 07:00 UTC and last for a couple of hours. This means that most European and North American websites will be updated in the low traffic hours. Each individual update should complete in seconds, so it should not affect the website visitor’s experience.

On an off chance that you have an issue, our Customer Happiness is ready to help. And if you have any additional questions, I’d be happy to answer them in the comments.

Nemanja Aleksic

Head of Growth at ManageWP. Marketing Manager at GoDaddy. WordCamp Belgrade organizer. But first and foremost, a father, a husband and a puck stopper.

1 Comment

  1. Donna McMaster

    Thanks for taking care of this. I was unaware of the update.

Leave a Reply

Your email address will not be published. Required fields are marked *

Over 40,000 WordPress professionals are already using ManageWP

Add as many websites as you want for free, no credit card required. Sign up and start saving time!

Have questions? Get in touch!

Over 40,000 WordPress professionals are already using ManageWP

Add as many websites as you want for free, no credit card required. Sign up and start saving time!

Have questions? Get in touch!

Over 40,000 WordPress professionals are already using ManageWP

Add as many websites as you want for free, no credit card required. Sign up and start saving time!

Have questions? Get in touch!

Over 40,000 WordPress professionals are already using ManageWP

Add as many websites as you want for free, no credit card required. Sign up and start saving time!

Have questions? Get in touch!