SOP: Update Management
FreshSafe workflow for managing WordPress updates across all your sites.
Prerequisites
- [ ] Sites connected and synced in MainWP Dashboard
- [ ] Backup solution configured (recommended)
- [ ] Staging environment available for testing (recommended)
Update Workflow
Step 1: Sync All Sites
Dashboard → MainWP → Sites → Select All → SyncOr via API:
bash
curl -X POST -u "admin:xxxx" \
-H "Content-Type: application/json" \
-d '{"input":{"site_ids":"all"}}' \
"https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/sync-sites-v1/run"Step 2: Review Available Updates
Dashboard → MainWP → UpdatesReview by type:
- WordPress Core — major vs minor versions
- Plugins — check changelog for breaking changes
- Themes — check compatibility with current plugins
- Translations — usually safe to auto-update
Step 3: Prioritize Updates
| Priority | Type | Action |
|---|---|---|
| Critical | Security patches (any type) | Apply immediately after quick test |
| High | WordPress minor updates | Apply within 24 hours |
| Medium | Plugin/theme updates | Apply within 1 week |
| Low | WordPress major updates | Test on staging first, apply within 2 weeks |
| Hold | Known incompatible updates | Add to ignore list |
Step 4: Test on Staging (Recommended)
For major updates:
- Clone production site to staging
- Apply updates on staging
- Test critical functionality:
- Homepage loads
- Forms work
- eCommerce checkout (if applicable)
- Key plugins functional
- If all good → proceed to production
Step 5: Apply Updates
Single Site Updates
Dashboard → Sites → [site] → Updates → Select updates → ApplyBulk Plugin Updates (All Sites)
Dashboard → Updates → Plugins → Select All → UpdateVia API — Update Specific Plugins on a Site
bash
curl -X POST -u "admin:xxxx" \
-H "Content-Type: application/json" \
-d '{"input":{"site_id": 123, "slugs": ["akismet","wordfence"]}}' \
"https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/update-site-plugins-v1/run"Via API — Update Everything
bash
curl -X POST -u "admin:xxxx" \
-H "Content-Type: application/json" \
-d '{"input":{"site_ids":"all"}}' \
"https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/update-all-v1/run"DANGER
update-all-v1 applies ALL updates including WordPress core. Use with caution.
Step 6: Verify Post-Update
After applying updates:
- Sync all updated sites
- Check each site loads correctly
- Review Dashboard for any new errors
- Test critical functionality on key sites
Automated Verification via API
bash
# Check site health after updates
curl -X POST -u "admin:xxxx" \
-H "Content-Type: application/json" \
-d '{"input":{"site_ids":"all"}}' \
"https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/check-sites-v1/run"Step 7: Rollback (If Needed)
If an update causes issues:
- Restore from backup (fastest, most reliable)
- Manual rollback — re-install previous plugin/theme version
- WP-CLI rollback:bash
wp plugin install plugin-slug --version=X.Y.Z --force
Managing Ignored Updates
Some updates should be deferred:
bash
# Ignore a plugin update globally
curl -X POST -u "admin:xxxx" \
-H "Content-Type: application/json" \
-d '{"input":{"type":"plugins","slug":"problematic-plugin","action":"ignore"}}' \
"https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/set-ignored-updates-v1/run"Best Practices
- Always backup before major updates
- Test on staging for WordPress core major versions
- Stagger rollouts — update a few sites first, verify, then do the rest
- Monitor for 24 hours after applying updates
- Document any issues for future reference
- Auto-update only minor WordPress core and translations
- Never auto-update major WordPress core versions