Updating WordPress & Plugins – the dreaded “Connection Information” dialog!

If you’ve spent any time using WordPress, no doubt you’ve encountered this “error” message:

To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

Usually you’ll get this whenever you try to update plugins or update your WordPress install to the latest version.

PC LOAD LETTER?  What does that even MEAN?!

PC LOAD LETTER? What does that even MEAN?!

The jist of this error is that WordPress is trying to write to a file on your web server, but can’t. When WordPress can’t write a file, it asks for your FTP credentials in order to write the file on your behalf.

You could attempt to modify the permissions of your WordPress install so that it can write to these files, but this is something of a security risk. It’s generally a bad idea to have a web application that can change itself – a minor security issue can quickly become a major one if this is the case. You don’t want to lose your content, get hit with an SEO penalty for hosting hacked content, and alienate your users by getting hacked, do you?

Sometimes you can just give WordPress your FTP info, and it will be happy. But FTP is a terribly insecure protocol, and increasingly web hosts aren’t supporting it anymore. The host we use has it as an option, but they strongly suggest that you avoid it.

What’s a WordPress user to do then? I’ve tried a number of things to get around this, but my preferred solution is to just update my plugins and my WordPress install through the shell.

The shell is something that seems intimidating to new users, but don’t let it scare you! It can take a bit of getting used to, but once you get the hang of it, you’ll be a power user in no time.

Getting Your Shell Ready

First, you need to log into your web host’s shell. You can do this with a program like PuTTY on Windows. You’ll need your SSH login information, which comes from your hosting company.

At the shell prompt, you’ll want to change into the directory where your plugins are. If the root of your site is your blog, this is usually going to mean a command like:

cd wp-content/plugins

If your directory structure is different, the wp-content directory might be elsewhere.

Download the Updated Plugin

Now, you’ll need the URL of the updated plugin you wish to install. One way to get this is by opening the “Installed Plugins” admin panel, and then clicking the “Visit plugin site” link for the plugin you’re updating. Usually there’s a big “Download” link on this page. Just right-click, and copy the download URL.

Next, we’ll use the shell to download the updated plugin’s zip file, like so:

wget http://downloads.wordpress.org/plugin/google-analytics-for-wordpress.latest-stable.zip

For this example I picked the “Google Analytics for WordPress” plugin, but you’d want to put whatever the URL you got in the previous step in this command. Note that I will usually put the URL in quotes – this isn’t always required, but if the download URL has special characters (especially the “&” symbol) you’ll want to do this, lest the shell interpret part of the URL as a command and cause you issues.

Backup & Install

Backing up your old plugin is optional, but recommended. For this, we’re going to use tar, which is like a zip utility for Unix systems:

tar -cjvf my-backup.tar.bz2 google-analytics-for-wordpress

In case something goes wrong, or you need to restore the old version, you can undo your changes with the command:

tar -xjvf my-backup.tar.bz2

Once you’ve done your backup and you’ve got the new plugin downloaded, unzip it:

unzip google-analytics-for-wordpress.latest-stable.zip

This will overwrite the old plugin’s files with the latest version.

Now, it’s probably a good idea to remove the .zip file, since we don’t need it anymore:

rm google-analytics-for-wordpress.latest-stable.zip

That’s all there is to it! You can update plugins quickly and easily with this method, and not muck about with permissions and/or open any silly security holes in the process.

Updating More Than Plugins

As for updating WordPress itself, I use the SVN method detailed on this WordPress Codex page which is kind of tricky to get started, but it’s a cinch to keep updated. There’s a method of converting a “traditional” install to a SVN install on that page, if you’ve already got a traditional install of WordPress going.

Once set up, the only thing I have to do is:

svn sw http://core.svn.wordpress.org/tags/3.5.1/ .

Where the version number “3.5.1” is just whatever the latest release number is. This handles all the file updates, additions, and removals automatically.

You could probably do a similar “download, backup, install” method as the plugins above, but I’d really highly suggest making and keeping a backup of your site if you go this route.