Jan 232011

The need to upgrade you WordPress installation is just a matter of time. Especially bug fixes and security patches require you to move to the next version as soon as possible. Fortunately, WordPress made upgrading very easy.

Of course, it’s always a good idea to keep an eye on the WordPress site. That way, you will know when a new version becomes available. This is especially important when it comes to security updates, just like version 3.0.4 that was released last month. As the message states, this is a very important update to apply to your sites as soon as possible because it fixes a core security bug in the HTML sanitation library, called KSES. I would rate this release as 'critical'.

Keeping Track

The easiest way to keep track of the WordPress announcements, is to subscribe to their RSS news feed:


Simply load it into your web or feed browser, and you will be notified as soon as new announcements become available.

If you forget, there is always the WordPress software itself that reminds you of a new version
when you log into the administrator’s account.

After clicking "Please update now", we are presented with a screen offering us two choices: either to install the new software automatically or to download and install the updates ourselves.

The easiest way to update would be to allow your web server to update the files in your WordPress file tree. However, from a security perspective, this might be a bad idea. So, we rather update our WordPress software by hand.


We start by downloading the new package from the WordPress site. The easiest way to do that, is through the link provided in the Dashboard. Since all configuration information is stored in the database, upgrading is just a matter of installing the new files. To be sure, we first make a backup of our MySQL database:

mysqldump -u <database_user> -p <database_name> > PB-WordPress-2011012300.mysql

It is also a good idea to disable all plugins before upgrading. Maybe not all support the new WordPress version, and there are newer versions of those available as well. So, in the administrator's Dashboard, we go to the Plugins page:

If you have a lot of plugins installed, you can easily disable these in one time by ticking Plugin and selecting a Bulk Action. In this case we select Deactivate, followed by the Apply button.


Now we can unpack the new software:

unzip ../wordpress-3.0.4.zip

This is also a good opportunity to upgrade the plugins we installed before (here and here). Remember that we used symlinks when we did the initial installation? We now do it again:

mv wordpress/ PB-wordpress-3.0.4/

Now we can use this setup to create our updated install. So, instead of copying files from the new software tree onto the old tree, specifically the directories wp-includes and wp-admin, we can simply copy the contents of the wp-content directory that is not in the new directory to the new tree:

cd PB-wordpress-3.0.4/wp-content/
cp -R ../../PB-wordpress-3.0.1/wp-content/uploads .
chmod 755 uploads/
setfacl -m u:apache:rwx uploads/

Now compare the wp-config-sample.php files from the two versions:

diff PB-wordpress-3.0.4/wp-config-sample.php PB-wordpress-3.0.1/wp-config-sample.php

Since they prove to be the same, we can directly recycle our existing wp-config.php file:

cp PB-wordpress-3.0.1/wp-config.php PB-wordpress-3.0.4/


That’s it! Switching to the new installation is a just a matter of setting the symlink to the new directory:

rm PB-wordpress
ln -s PB-wordpress-3.0.4 PB-wordpress

Revisiting our admin page show us that everything went smoothly. The only thing left, is for the plugins to be enabled again.

Here is what happens after upgrading from an older version of WordPress: you get a message stating that your database needs to be updated.

After clicking Upgrade WordPress Database, we get confirmation that the operation succeeded, after which we are transferred to the Admin Dashboard.

This is all there is to it. If you need more information, it can be found here:


Good luck!

Leave a Reply