Title: WordPress updates / database update Last modified: August 21, 2016 --- # WordPress updates / database update * Resolved [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/) * For security reasons I have access to wp-admin disabled thru the use of a htaccess file. This works fine. * I have noticed that after the automatic update from 3.8.2 to 3.8.3 trying to log in again resulted in a message that first I needed to perform a database update. It seems to me that securing the wp-admin resulted in this. * The same thing happened when upgrading to WP 3.9. After the upgrade the system asks to perform a database update. * If I disable the securing of wp-admin before upgrading WP the question about the database update does not appear. In that case it seems to function all by itself. * Obviously I do want to update the database if that is necessary. Especially with the upcoming automatic updates to 3.9.1, 3.9.2 and so on I want to know what I can do about this. * Is there a file I need to grant access to in wp-admin, so this runs smoothly? What is going on? * Is there someone who knows about the internals regarding this? Viewing 10 replies - 1 through 10 (of 10 total) * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847145) * > For security reasons I have access to wp-admin disabled thru the use of a htaccess > file. This works fine. * So far so good. * > I have noticed that after the automatic update from 3.8.2 to 3.8.3 trying to > log in again resulted in a message that first I needed to perform a database > update. It seems to me that securing the wp-admin resulted in this. * It shouldn’t. How did you secure `wp-admin`? * > Is there a file I need to grant access to in wp-admin, so this runs smoothly? > What is going on? * Huh. Do you mind sharing how you secured `wp-admin`? If what you’ve done can be reproduced by others then maybe an exception can be made for the file that needs to be permitted into `wp-admin`. I suspect the file lives in `wp-includes` but I haven’t really taken a look myself (yet). * Thread Starter [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847169) * [@jan](https://wordpress.org/support/users/jan/) Thanks for looking into this. I have a .htaccess in wp-admin and a big one in the root. Now I have a look at it, there might be some stuff in there too. Could I mail you directly about the content of that? And when we find out what is going on we can post the result here. Is that OK with you? Or can you mail me at the address that is in my account? * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847176) * > Could I mail you directly about the content of that? * I’m sorry but support is not offered that way here, only via the forums not email. * If you don’t want to share that `.htaccess` file here I fully understand. * Try this: check your access and error log files for any lines that may pop up when that message appears. That may help you identify where the problem is. Also consider consolidating that `wp-admin` into the root copy. It may make it easier to troubleshoot. * Thread Starter [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847180) * [@jan](https://wordpress.org/support/users/jan/) OK, I understand. I can look into my .htaccess and see if there is something there, but… * I find it strange that the WP update process asks to update the database while there is no real need for it after an automatic update (3.8.2 to 3.8.3). It might be an idea to put this in trac, as this sounds like a bug to me. * Do you (or someone else) know what files are involved? * If I know what is going on during manual and automatic updates I can have a look at my htaccess and fix things for future updates (or put it in trac, with some more info added to it). Or is this somewhere in the codex? My last resort would be to have a look at the core files myself, but maybe someone can point me in the right direction? * Moderator [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/) * (@otto42) * WordPress.org Admin * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847183) * > I find it strange that the WP update process asks to update the database while > there is no real need for it after an automatic update (3.8.2 to 3.8.3). It > might be an idea to put this in trac, as this sounds like a bug to me. * It is not a bug, and yes, your “securing” of the directory is causing it to be unable to perform the upgrade automatically. * A WordPress upgrade takes several steps, most of which are boring safety things that don’t apply to your problem. The last step is to upgrade the database. * However, the code to perform that database upgrade is in the just-upgraded files themselves. Because WordPress is already running, it needs to run a “fresh” instance of itself to ensure that it hits all the new code, and none of the old code that is already currently loaded into memory. * So, it makes an HTTP call back to itself to hit the new upgrade file. In so doing, a fresh process is created on the server, using all the new WordPress files which have just been previously updated. * Your “security” settings are blocking that HTTP call. So the upgrade does not get performed, so you get the prompt to do it on your next hit. * Now, there is no danger here, the upgrade process is exactly the same whether it happens automatically or if you have to click the button. It’s really just a matter of whether you want that button hit to show up or not. * Note that “securing” the wp-admin directory will also cause lots of other issues, some with plugins. Things like the admin-ajax.php and admin-post.php are in the wp-admin directory, and plugins can access those files for various purposes, even from the front-end of the site. So using a block-the-whole-directory approach isn’t the most compatible thing in the world to do anyway. * Thread Starter [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847186) * [@otto](https://wordpress.org/support/users/otto/) Thanks a lot for your extensive explanation. Really appreciate the time and effort. This makes things a lot clearer. * Is there a certain file I could exclude in my wp-admin htaccess so the new HTTP call is not blocked, resulting in an update that works as intended? * BTW I am aware of certain issues when “securing” wp-admin. That is why I have some access-exceptions. * Moderator [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/) * (@otto42) * WordPress.org Admin * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847192) * Allow access to the wp-admin/upgrade.php file. * Thread Starter [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847194) * [@otto](https://wordpress.org/support/users/otto/) Thank you. * Another question: If I understand you correctly you would advise not to “secure” the wp-admin directory with a seperate htaccess at all? * Moderator [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/) * (@otto42) * WordPress.org Admin * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847199) * Yes and no. I would not actually advise against it, certainly. * But I don’t necessarily think it helps in any real way to block access there. It doesn’t hurt anything as long as you allow the proper exceptions through, but it’s designed to be secure as-is. Running any file in there directly without proper credentials passed in will simply get you a white screen and no changes. * The wp-admin directory is no more special than the wp-includes directory. Securing it with http security doesn’t add any actual security, it’s just an extra layer. And too many layers of security can lead to worse security in some situations. * Thread Starter [allm](https://wordpress.org/support/users/realblueorange/) * (@realblueorange) * [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847203) * [@otto](https://wordpress.org/support/users/otto/) * Thanks for your explanation. I’ll think it over again. * I’ll set this thread to resolved. Have a good weekend! Viewing 10 replies - 1 through 10 (of 10 total) The topic ‘WordPress updates / database update’ is closed to new replies. ## Tags * [database update](https://wordpress.org/support/topic-tag/database-update/) * [upgrade](https://wordpress.org/support/topic-tag/upgrade/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 10 replies * 3 participants * Last reply from: [allm](https://wordpress.org/support/users/realblueorange/) * Last activity: [12 years, 1 month ago](https://wordpress.org/support/topic/wordpress-updates-database-update/#post-4847203) * Status: resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics