We’re wrapping up testing on the WordPress 4.9.4 that was released yesterday. We’ll be rolling out this maintenance update to our clients over the next few days. This update fixes a bug in WordPress 4.9.3, which caused automatic background updates such as security patches to fail to update automatically. This is not a severe issue for our clients as we already manage their website updates for security patches on all of our Website Support Plans.
The 4.9.4 update comes soon after the 4.9.3 update that was dropped on February 5, 2018. The bug causes a PHP Fatal error when WordPress tries to update itself. There was an aim to reduce the number of API calls when the cron task runs during the autoupdate process. The final commit didn’t have the result as intended due to human error, and instead triggered this fatal error since all of the dependencies of find_core_auto_update() are met. Unfortunately, the issue was unnoticed during the 4.9.3 development cycle and was just noticed hours after 4.9.3 was already released on February 6, 2018.
Those who are not on our Website Support Plan or with another hosting company will need to update their WordPress website manually in the dashboard, WP-CLI, or via FTP. If you’re web hosting provider manages updates on your behalf like we do, they should continue to manage your site as normal and apply this update.
Are there any security implications? WordPress 4.9.3 and 4.9.4 do not include any security fixes, however, in order for WordPress to receive future security updates automatically, sites will first need to be updated to 4.9.4.
Ways to update:
- Through the WordPress Administration area: Simply visit your WordPress Dashboard → Updates and click “Update Now.”
- With WP-CLI: If you have command line access to WordPress, and WP-CLI installed,
wp core updatewill update your site just as quickly as before. - Manually by FTP: If you prefer, you can update by Downloading the latest ZIP, and using FTP to upload it to your site. The only changed files expected are
wp-includes/update.php&wp-includes/version.php. - With PHP: If you have command line access, you can also update WordPress simply by running
wp_maybe_auto_update()inside of WordPress, for example:php -r 'include "wp-load.php"; wp_maybe_auto_update();'. This is also how we suggest hosts who don’t have WP-CLI installed proceed with automated updates for their customers.
As a best practice with applying any updates to your website, we recommend to always update on a staging server before pushing to your live website. This allows you to test the functionality of your website such as contact forms, image galleries, and other integrations to make sure the updates did not break anything and overall ‘play nice’ with other updates. This process is covered on all of our website support plans for managed WordPress websites.
If you need help with updating your website or if you have questions about getting the most out of your WordPress website, WordPress hosting, and overall website management – Schedule a Call with us. We’d love to take a look at your current website and provide recommendations to best fit your needs and budget.