• Resolved Logan

    (@bhewp)


    Hello,

    Our company is currently in a transition from Shift 4 Shop to WP. We have a lot of business running through the site and the department manager hired out a company to do a site migration as well as build a custom theme. Now I am somewhat skeptical about the dev company telling us that we cannot update this theme or any plugin. The WP Documentation always states to keep the site up to date for best security practices. The company who created the theme was only hired to do the task and then take their foot out of it.

    Does anyone have advice on the best way to deal with this situation? Do we need to hire the company to update it biannually, learn how to update it safely ourselves, or just leave it alone like they told us to? This seems like a security risk for me as we will have a lot of sales and customer information running through the site.

    Any advice is appreciated!

    Thank you.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator James Huff

    (@macmanx)

    Updates often include important bug fixes, and sometimes fixes for security vulnerabilities that become publicly known as soon as the fix is released.

    Because of that, I recommend always keeping things up to date.

    It’s possible they’re suggesting that you shouldn’t update plugins because sometimes plugins change how they operate, and then you need to adapt/adjust to that, but that’s all part of owning a site. 🙂

    The theme gets a bit trickier.

    If they built a custom theme for you from scratch, you don’t have to worry about the updates, because the only people releasing updates for it would be the people who built it (the people who told you not to update it). It would be kind of silly for them to tell you not to update it and then release an update. 😉

    If they gave you a block theme (aka full site editing theme) and just made changes in the site editor, you can safely update the theme, as all customizations live independently in the site editor: https://ww.wp.xz.cn/documentation/article/site-editor/

    If they made a child theme of an existing theme, then you can safely update the parent theme. A child theme means that changes to the parent theme are entirely self-contained, and you can safely inherit any bug or security fixes made to the parent theme: https://developer.ww.wp.xz.cn/themes/advanced-topics/child-themes/

    If they simply modified an existing theme’s files without using the site editor or creating a child theme, then you’re in trouble. Theme updates overwrite all updated files, meaning you will lose any customizations made during a theme update. If that’s what they did, it makes sense they don’t want you to install any theme updates, but it has also been the wrong way to do theme customizations for years.
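
A way to check which of the cases in the reply above applies to a theme folder under `wp-content/themes/`, written as an added example that is not part of the original thread. It assumes the usual WordPress layout conventions (a `Template:` header in `style.css` marks a child theme, `templates/index.html` marks a block theme) and that you have a clean copy of the same release of the upstream theme to compare against; the function names and sample themes are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

def theme_header(theme_dir):
    """Read the header fields WordPress looks for at the top of style.css."""
    text = (Path(theme_dir) / "style.css").read_text(encoding="utf-8", errors="replace")[:8192]
    found = {}
    for field in ("Theme Name", "Template", "Version"):
        m = re.search(r"^[ \t/*#@]*" + re.escape(field) + r":(.*)$", text, re.M | re.I)
        if m:
            found[field] = m.group(1).strip()
    return found

def classify(theme_dir):
    """Return 'child', 'block' or 'classic' from the theme's on-disk layout."""
    d = Path(theme_dir)
    if theme_header(d).get("Template"):             # child themes name their parent here
        return "child"
    if (d / "templates" / "index.html").is_file():  # block (full site editing) theme
        return "block"
    return "classic"

def modified_files(installed, pristine):
    """Paths that differ between the installed theme and a clean copy of the same release."""
    def digests(root):
        return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
                for p in Path(root).rglob("*") if p.is_file()}
    a, b = digests(installed), digests(pristine)
    return sorted(f for f in a.keys() | b.keys() if a.get(f) != b.get(f))

def make_theme(root, name, files):
    """Write a constructed sample theme (not a real product) under root."""
    for rel, body in files.items():
        path = Path(root) / name / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body, encoding="utf-8")
    return Path(root) / name

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        base = {"style.css": "/*\nTheme Name: Sample Parent\nVersion: 1.0\n*/\n", "functions.php": "<?php\n"}
        clean = make_theme(tmp, "clean", base)
        edited = make_theme(tmp, "edited", {**base, "functions.php": "<?php // custom edit\n"})
        child = make_theme(tmp, "child", {"style.css": "/*\nTheme Name: Sample Child\nTemplate: clean\n*/\n"})
        print(classify(child), classify(edited), modified_files(edited, clean))
```

A non-empty result from `modified_files` on a "classic" theme is the in-place-edit case: those are the files a theme update would overwrite.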

    Thread Starter Logan

    (@bhewp)

    James Huff,

    Thank you for the thought-out response! I posted this to the WP Forums and WP on Reddit and let me tell you, I have a brand new appreciation for the WP community (especially the forum)!! I will share this with the boss man and we will get these answers and adjust as needed.

    Thank you so much.


The topic ‘Theme dev told us not to update themes & plugins’ is closed to new replies.