Skip to content

SOP: Update Management

Fresh

Safe workflow for managing WordPress updates across all your sites.

Prerequisites

  • [ ] Sites connected and synced in MainWP Dashboard
  • [ ] Backup solution configured (recommended)
  • [ ] Staging environment available for testing (recommended)

Update Workflow

Step 1: Sync All Sites

Dashboard → MainWP → Sites → Select All → Sync

Or via API:

bash
curl -X POST -u "admin:xxxx" \
  -H "Content-Type: application/json" \
  -d '{"input":{"site_ids":"all"}}' \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/sync-sites-v1/run"

Step 2: Review Available Updates

Dashboard → MainWP → Updates

Review by type:

  • WordPress Core — major vs minor versions
  • Plugins — check changelog for breaking changes
  • Themes — check compatibility with current plugins
  • Translations — usually safe to auto-update

Step 3: Prioritize Updates

PriorityTypeAction
CriticalSecurity patches (any type)Apply immediately after quick test
HighWordPress minor updatesApply within 24 hours
MediumPlugin/theme updatesApply within 1 week
LowWordPress major updatesTest on staging first, apply within 2 weeks
HoldKnown incompatible updatesAdd to ignore list

For major updates:

  1. Clone production site to staging
  2. Apply updates on staging
  3. Test critical functionality:
    • Homepage loads
    • Forms work
    • eCommerce checkout (if applicable)
    • Key plugins functional
  4. If all good → proceed to production

Step 5: Apply Updates

Single Site Updates

Dashboard → Sites → [site] → Updates → Select updates → Apply

Bulk Plugin Updates (All Sites)

Dashboard → Updates → Plugins → Select All → Update

Via API — Update Specific Plugins on a Site

bash
curl -X POST -u "admin:xxxx" \
  -H "Content-Type: application/json" \
  -d '{"input":{"site_id": 123, "slugs": ["akismet","wordfence"]}}' \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/update-site-plugins-v1/run"

Via API — Update Everything

bash
curl -X POST -u "admin:xxxx" \
  -H "Content-Type: application/json" \
  -d '{"input":{"site_ids":"all"}}' \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/update-all-v1/run"

DANGER

update-all-v1 applies ALL updates including WordPress core. Use with caution.

Step 6: Verify Post-Update

After applying updates:

  1. Sync all updated sites
  2. Check each site loads correctly
  3. Review Dashboard for any new errors
  4. Test critical functionality on key sites

Automated Verification via API

bash
# Check site health after updates
curl -X POST -u "admin:xxxx" \
  -H "Content-Type: application/json" \
  -d '{"input":{"site_ids":"all"}}' \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/check-sites-v1/run"

Step 7: Rollback (If Needed)

If an update causes issues:

  1. Restore from backup (fastest, most reliable)
  2. Manual rollback — re-install previous plugin/theme version
  3. WP-CLI rollback:
    bash
    wp plugin install plugin-slug --version=X.Y.Z --force

Managing Ignored Updates

Some updates should be deferred:

bash
# Ignore a plugin update globally
curl -X POST -u "admin:xxxx" \
  -H "Content-Type: application/json" \
  -d '{"input":{"type":"plugins","slug":"problematic-plugin","action":"ignore"}}' \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities/mainwp/set-ignored-updates-v1/run"

Best Practices

  • Always backup before major updates
  • Test on staging for WordPress core major versions
  • Stagger rollouts — update a few sites first, verify, then do the rest
  • Monitor for 24 hours after applying updates
  • Document any issues for future reference
  • Auto-update only minor WordPress core and translations
  • Never auto-update major WordPress core versions