Wordpress automatic updates

I maintain a couple of wordpress sites, and I rarely want to spend time keeping them up to date. I use this permissions script https://www.devinhoward.ca/technology/2014/mar/wordpress-permissions-script though, which disallows Wordpress's normal auto-update mechanism. This vastly increases the security, which is worth it, but I need another way to auto-update.

So I use this script, along with the excellent command line tool wp-cli: https://wp-cli.org

Here is the script:


WP_ROOT="$1" # e.g. /home/devinhoward/wordpress
WEBSITE="$2" # e.g. https://wordpress.devinhoward.ca

$WP_CMD core check-update | grep -v 'WordPress is at the latest version'
$WP_CMD plugin status | grep '^ U'
$WP_CMD theme status | grep '^ U'


CORE_OUTPUT=$($WP_CMD core check-update | grep -v 'WordPress is at the latest version')
if [[ -n "$CORE_OUTPUT" ]]; then
  CORE_UP_OUTPUT=$($WP_CMD core update | grep -v 'Success: WordPress is up to date.')
  git add -A .
  git commit -m "$(echo "$CORE_UP_OUTPUT" | head -n1)"

PLUGIN_OUTPUT=$($WP_CMD plugin status | grep '^ U')
if [[ -n "$PLUGIN_OUTPUT" ]]; then
  $WP_CMD plugin update --all | grep -v 'Success: Updated 0/0 plugins.'
  git add -A .
  git commit -m " $PLUGIN_OUTPUT"

# Theme updates are too scary, otherwise you could add a section here.

# create a textual verification that the website actually still renders
if [[ -n "$CHANGED" ]]; then
  COMMAND="pandoc -f html -t markdown $WEBSITE"
  echo "$COMMAND yields: "


Some notes:

  • I keep my wordpress websites under version control via git. You can remove the four lines that use git if you don't do this.
  • The last section uses pandoc to verify the site still renders. I have never experienced my site not rendering, but when cron sends me an email it's a nice reassurance. If you don't have pandoc, you can remove this section as well as the "CHANGED" variable.
  • Finally, here's the crontab line I use to run this every day at 1am (it should be on one line):
00 01 * * * /usr/local/bin/check-wp-updates.sh /home/devinhoward/wordpress https://wordpress.devinhoward.ca \
	| mail -E -s "Automatic Wordpress Updates" myemail@mydomain.ca

Add new comment