The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Auto Wordpress Updates Outside of cPanel?

Discussion in 'General Discussion' started by jazee, Jan 31, 2017.

Tags:
  1. jazee

    jazee Active Member

    Joined:
    Jan 12, 2015
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    It appears Wordpress installations running on a Cpanel/WHM system have core updates disabled. So if you have 20 Wordpress sites running on your server does Cpanel update the core for ALL those wordpress installations even those installations that were installed from the command line shell and not from within Cpanel?

    There's a very handy plugin call Easy Update Manager that lets you fine tune the control of automated updates for both core and plugins. One feature that is nice is getting an email notification after automatic updates are applied. If the function is disabled in lieu of Cpanel doing the update, then I won't get the notifications.

    The comment in the config file says there is potential data loss if you have both enabled. Data loss from what? The potential for both updates to be running at the same time? I would assume Cpanel won't update a Wordpress site that was already updated?!? I'm still also surprised if the Cpanel updates, update all wordpress files on every host on the server, even the ones not installed from within Cpanel?

    I suppose Cpanel does send email notifications about updates. If it IS indeed updating all Wordpress installation core files, then I can turn off core updates on the Easy Update Manager and I guess that solves it.

    From the wp-config.php file: (I think this only get inserted if you install it from Cpanel - I have sites that were a command line install that don't have this.)

    * Core updates should be disabled entirely by the cPanel & WHM® Site Software
    * plugin, as Site Software will provide the updates. The following line acts
    * as a safeguard, to avoid automatically updating if that plugin is disabled.
    *
    * Allowing updates outside of the Site Software interface in cPanel & WHM®
    * could lead to DATA LOSS.
    *
    * Re-enable automatic background updates at your own risk.
    */
    define( 'WP_AUTO_UPDATE_CORE', false );
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    cPanel only manages the WordPress installations that were installed through cPanel. It does not manage the installations that were installed or updated outside of cPanel. More information on how this works is documented at:

    Manage cPAddons Site Software - Documentation - cPanel Documentation

    Also, I encourage you to vote and add feedback to the following feature request:

    Manage WordPress from within cPanel

    I believe the request includes changes that you would find helpful.

    Thanks!
     
  3. jazee

    jazee Active Member

    Joined:
    Jan 12, 2015
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Well this does appear to possibly be the can of worms my gut was telling me it was - hence the original post with a lot of questions about all these unknowns. I finally found one article (including tons of comment discussions) that digs deeper on this but it still leaves questions.

    For one thing I was shocked to learn that the add-on actually modifies the core code. This means as far as I can tell, at least regarding updates, it makes your Wordpress site less portable. What if you want to move it to a server that isn't running Cpanel?

    Here's the article:
    wptavern.com/cpanels-site-software-addon-disables-wordpress-auto-updates

    What this article fails to do is clearly and concisely summarize the pros and cons of (a) using the Cpanel Wordpress Add-on, and (b) installing Wordpress not through Cpanel so it doesn't have the add-on and updates are handled by the normal Wordpress functions.

    Anyone got a clue?
     
    #3 jazee, Jan 31, 2017
    Last edited by a moderator: Jan 31, 2017
  4. jazee

    jazee Active Member

    Joined:
    Jan 12, 2015
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hi Michael! Thanks for the info but it still leaves a lot of questions. Would greatly appreciate it if you can add additional clarification on this.

    Correct me if I'm wrong but is the premise of the CPAddon Wordpress installs so that the server administrator can insure all Wordpress sites being hosted on their server are kept up to date despite the settings in each individual Wordpress installation? If that is true, doesn't that risk breaking people's sites? I assume that risk is minimized in that Cpanel only handles Security Updates (minor) and no major updates of course?

    If my assumptions are true, it seems to me if the Server Administrator's usage policy is that they want to leave the automatic update settings up to each individual Wordpress administrator, then the CpAddon Installation should be disabled in WHM, correct? In my case, all my sites are my clients and I'm the admin so I have a simplified case. I can see on a server where you want to advertise easy one-click installs of Wordpress yet can't trust every admin to keep their software up-to-date that the CPanel WP management greatly reduces issues from a security standpoint. However, I think must hosting customers that are technically proficient would not like the "Big Brother" approach so I suppose you just have to make it clear to customers if they want "full control" of their WP config from and update standpoint, DO NOT USE the Cpanel One-Click install.

    Finally, how can a WordPress installation with the CpAddon be reverted back to a unmodified installation? My guess is that first remove the add-on, then re-install the core?
     
  5. jazee

    jazee Active Member

    Joined:
    Jan 12, 2015
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I deactivated Easy Updates Manager to get the Re-Install button to appear so I could re-install the core.

    So I backed up all the files, then deleted all the files (kept the DB). Re-installed Wordpress from the command line (Centos 7). Enter the same DB credentials on install setup, it recognized it. Copied wp-content folder from old installation.

    This is what shocked me. I hadn't really noticed until now that on my CPAddon WP Install, it was saying my version was current and was 4.4.2!!! The current version of Wordpress at the time of this writing is 4.7.2! So either the CPanel wasn't updating this version, or 4.4.2 is the latest version that has Cpanel's blessing, or the Cpanel mods broke the version number display accuracy (I doubt the last)
     
    #5 jazee, Jan 31, 2017
    Last edited: Jan 31, 2017
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Yes, in your particular case, it's likely a better idea to disable WordPress as a cPAddon and install it manually on websites. Updates are then handled by the individual WordPress administrators and the WordPress core files are not manipulated to support the cPAddon feature.

    Yes, in addition to providing an easy installation method to cPanel users, another benefit to the WordPress cPAddon is the ability for server administrators to ensure the software remains updated across multiple accounts. Updates include new WordPress versions, not just security updates. We test the upgrade process before releasing the updated version to help ensure the changes don't break the websites, and this is also a reason cPanel will stop managing the WordPress installation if a user manually upgrades WordPress outside of the cPanel environment.

    You can use the upgrade instructions available at the following URL should you choose to do this:

    Upgrading WordPress - Extended Instructions « WordPress Codex

    Information on managing or disabling cPAddons is documented at:

    Manage cPAddons Site Software - Documentation - cPanel Documentation

    WordPress version 4.7.2 is now offered in cPanel. The versions don't always match up to what's available directly from WordPress because the new versions must go through internal testing before released as part of the cPAddon feature.

    I encourage you to open a feature request if you'd like to see changes to how WordPress is integrated with cPanel:

    Submit A Feature Request

    Thank you.
     
Loading...

Share This Page