If you build websites with WordPress, the thought of updating your plugins probably elicits some stress and irritation. Plugin maintenance can be a time-consuming, tedious process, and unintended consequences, like plugin compatibility issues and potential downtime make it all the more unnerving. The problem is, keeping your plugins regularly updated is critical to the security and health of your WordPress site.  

Even though updating plugins is clearly necessary, it’s far from straightforward. This catch 22 has plagued the WordPress community a long time, which is why WP Engine is proud to announce the beta release of Smart Plugin Manager, an automated solution that checks your plugins for updates nightly and ensures that when updates happen, your site doesn’t break. By using “smart” technology and visual testing you can sleep easy knowing that your plugins are up to date and your site is secure.

Identifying Vulnerabilities in WordPress

The question of WordPress security has been around for years. While risk elimination is impossible, WordPress is more bulletproof than the skeptics think. The biggest culprit for WordPress vulnerabilities? Plugins. According to WPScan Vulnerability Database, an online browsable version of WPScan’s data files used to detect WordPress core, plugin, and theme vulnerabilities, plugin vulnerabilities account for more than half of the total vulnerabilities in WordPress.

It’s important to remember that WordPress is not a “set it and forget it” system. The number one reason for a hacked WordPress site is an outdated core or plugin. WordPress is the most widely used CMS in the world; more than a third of the web of the uses WordPress. The popularity of the CMS means that plugin vulnerabilities are virtually inevitable, but their abundance makes them difficult for hackers to pinpoint. Combing through code can be time intensive. Instead, attackers look for site owners who don’t keep things up-to-date.

A Solution to the Problem

Smart Plugin Manager is a new way to automate the headache of plugin maintenance. Whether you’re a site owner managing a digital presence of a small to medium-sized business on WordPress, an agency managing dozens of plugins for multiple clients, or an enterprise with multiple sites leveraging WordPress plugins, Smart Plugin Manager can benefit you via time-savings, increased security benefits, and peace of mind.

Save Time and Resources

With Smart Plugin Manager up and running, your team will no longer need to allocate valuable time for reviewing and updating plugins. Instead, plugins will be automatically checked for updates every 24 hours. To make sure those updates don’t interfere with your workflow, users can select an ideal time of day for them to occur. Finally, updates can be customized to run automatically or manually, depending on user preference.  

Added Security

It’s not uncommon to miss a plugin update. They happen frequently and they’re not always prioritized, resulting in delayed or forgotten updates. Alongside automatic updates, Smart Plugin Manager will check your existing site to ensure you have the latest code and security patches for all your plugins. Smart Plugin Manager will also scan and patch out-of-date plugins, which is the most common cause of site vulnerabilities.

Peace of Mind

Automated updates are obviously a time-saver, however, automatic updates can become risky when it’s unclear which changes the updated plugin will actually make to your site. There’s no point in adding convenience if you’re subtracting confidence. Smart Plugin Manager uses visual regression testing to make sure the updated plugins don’t break or otherwise compromise the look and feel of your site.

Visual regression testing works by comparing screenshots from two different before and after states. In this case, visual regression testing will show what visual changes will be made to your site before and after a plugin update. If the visual test fails, the Smart Plugin Manager will automatically rollback your site and restore the previous plugin versions. You’ll receive an email informing you of the event and the rollback, which will allow you to proceed with the automatic update or take control of things manually.

Learn More About the Smart Plugin Manager

Smart Plugin Manager will be available as an add-on for all WP Engine plan types soon. WP Engine customers can sign up for the beta version of Smart Plugin Manager in the User Portal. Interested in other WP Engine add-ons? Check out Global Edge Security, Application Performance Monitoring, and GeoTarget.

More WordPress News from WP Engine

Start the conversation.

Leave a Comment.