Man it has been some time since I updated the version of the site. You have to do that or expect to get spammed/hacked.
The tricky thing with my site is that I do everything via ssh and I lock down ftp except to one home directory. Essentially I
- download the WordPress zip file to my local machine
- upload to home directory via sftp
- export wordpress entries to xml, which gets me all my posts, comments, pages, and categories in case I hose everything
- then backup: themes, index.php, uploads, plugins
- cp -R the contents of the new ‘wordpress’ directory to the existing one
- jump to browser and go to /wp-admin/update.php
- message saying wordpress is updated, prompts me to update database
- update database
I then delete my – themes, plugins, uploads, index.php directories and file since all looks good.
Now I’ll do the same method to update the plugins.
Yes, it’s a pain in the butt to do this all. Right. I could set it all up so that I can run the auto feature of wordpress, but I don’t want to open it up – so I sacrifice.