Upgrading WordPress via Shell
The word is already out that WordPress 2.1.1 is severely vulnerable and you have to upgrade to WordPress 2.1.2 to keep your blog safe.
Since the release of 2.1 we have seen two upgrades in little over a month and upgrading WordPress can be a real pain in the neck. It becomes really bad when you’re talking about upgrading more than one blog.
For those who have shell access upgrading WordPress can be a lot less painful and this guide hopes to set you establish just that. I upgraded three installations in less than fifteen minutes. It would have been faster but I am sure I saved a great more time had I to do it the hard way!
Firstly, make sure you backup your installation. There are a lot of guides explaining this, so I won’t go into detail, unless you want me to.
Once, the database is backed up, login to your account via shell and navigate to the folder of your WordPress installation. Mine is installed in public_html
itself.
Once in there run the following commands (read the notes at the end first):
wget http://wordpress.org/latest.tar.gz
tar xfz latest.tar.gz
rm -rf ./wp-includes/
rm -rf ./wp-admin/
cd wordpress/
cp -rpf ----reply=yes * ../
cd ..
rm -rf ./wordpress/
rm -f latest.tar.gz
The above commands will fetch the latest WordPress installation and untar it. It then deletes wp-includes
and wp-admin
and all its subfolders and files. If you have modified any files in there, you will need to make the modifications again.
We then copy the newly downloaded files to your existing WordPress installation.
The untarred files and the downloaded .tar.gz file are deleted.
After running the command above, run the upgrade file in /wp-admin/upgrade.php
in your browser.
While this guide will work with just about any WordPress upgrade, I advise you to use it only for minor updates. When making a major upgrade, say from 2.0 to 2.1, it is advisable to delete all the old WordPress files before moving the new ones.
I haven’t touched wp-content
and its subfolders above to ensure your existing files, plugins and themes are not effected. Any new files, plugins and themes that come bundled with the new version of WordPress will overwrite the existing ones.
Ohh… and tell me how much time this has saved you.
Note:
- The code above will work only on a Linux / Unix server.
- I’ve been informed that the
--reply
may not work/be needed on certain Linux installations. - It also assumes that you are logging in to the shell via your own account. If you login via
root
, the permissions will change and you will need to runchown -R username *
(change username to the account owner’s username) to correct the permissions. This can cause problems with WP-Cache, so you will need to reinstall the plugin again. - If you are using translations, please backup
wp-includes/languages
before running the commands above.
Disclaimer: Make sure you backup your installation. I won’t be held responsible if something goes wrong when you follow this guide.
Typo on line 7? Shouldn’t it be:
rm -rf ./wordpress/
@Scott, I have used
-f
in the above code. It ensures that the files are overwritten.You can also use
-–remove-destination
instead.@Mark, Thanks. Have corrected the same.
Hi Hari,
rsync seems like a good option too if you are running Linux. There also seems to be a Windows package. Gonna take a look at this in detail.
Thanks.
I created a script using your commands and was able to upgrade several sites very short order…
Thanks!
Hi Paul,
Glad to know it worked well for you!
Keith, the link is throwing up a 404. I guess the permalinks are messed up on your blog.
You had a typo in step 6 and forgot to exit from the wordpress directory before you try and delete it.
6. cp -rpf –reply=yes * ../
7. cd ..
8. rm -rf ./wordpress/
9. rm -f latest.tar.gz
Sorry.
6. cp -rpf –reply=yes * ../
Thanks Matt. Missed that… Strangely no one earlier checked it…
Anyway, the files wouldn’t get deleted previously.
Fabulous idea, and I like the simplicity of the script. However the script has a few minor issues that should be pointed out …
1 – permissions are not taken care of. What user are you running this script as? Are there any permissions that need updating afterwards?
2 – you are running it from the WordPress document root and that might be included in the instructions.
Also note that the cp command on my Linux system does not accept the
-reply=yes
parameter as valid. I believe the parameter should be
- -reply=yes
(no space between the two dashes, that’s just for this comment to display both dashes)However my cp command notes that this is deprecated, and to use
-f
instead. Your script already includes this parameter though so perhaps there’s no need for the -reply=yes?
Ajay, what do you refer when you tell login via shell. I have never done that before, can you explain that a bit?
I use cp -R –remove-destination for my copy command. Do you think it’s still necessary to remove old files first when upgrading dot releases?
I did remove directories this last time because of the 2.1.1 issues.
Wow. I just tried this out on one of my domains and I can’t believe how quick it is!
Until 30 minutes ago my procedure was to download the latest version to my PC, unzip it and upload it again via Dreamweaver and then perform the upgrade.
You are a genius! This will make it much easier to stay on top of my WordPress upgrades!
You know what would be useful (since I’m a bit of a *nix noob), what’s the command to tar the contents of a directory? Presumably if we run that in advance, we’ll have a neat little archive just in case things go wrong!
I personally download the tar.gz file locally and then use “rsync -avrz [local dir] [remote location]” to update the remote files. (I have Linux on my local system). It requires fewer commands and you don’t need to run commands on the server.
It’s more comfortable that way. However, your idea is also good.
I put up a post a bit over a week ago with a linux shell script to auto-magically download and upgrade a blog installation to the new version.
Download and details available from my WordPress Blog: http://krell.cellsandbytes.net/2007/02/22/wordpress-upgrade-script/
Caught and corrected. Thanks for catching that, Ajay. The permalink should be working now.
I use a shell-script for this that works on all WP-installs so far, not just 2.1.2.
See this blogpost on my weblog.
@Kirk, only the -f on my version of Linux (CentOS 4.4) kept prompting me hence I needed to use
--reply
WordPress seems to be changing the double dash to a single one. Just modified the code above with four dashes, so it works correctly.
I’ve also updated the post with a note addressing the two points you raised above. I faced the problem, but assumed that most users would be logging in with their own accounts.
@Mr. Byte, your host needs to give you shell or SSH access so you can login to your installation. The server should be a Linux/Unix server. It is similar to the command prompt in Windows.
@Gerard, I’m no genius, just a little guy trying to find easier ways to do things!
Keith’s script is good as it does the job neatly and if want to run a single script. My commands above can be converted into a script as well. I prefer to run it manually.
In case you wish to create a backup of the folder, run
tar -cvvf home.tar home/
where home gets replaced by your blog folder. You can also rungzip -c home.tar > home.tar.gz
to compress the file you created above.I prefer just backing up the database, as it is the most important component.
\”You’re\” == \”you are\”. You want \”your\”.
Also, the first time I tried submitting this comment, it incorrectly told me I got the anti-spam sum wrong. In actual fact, the problem was that it didn’t like the fact that my browser didn’t send a Referer header.
Yeah , I guess I have access to shell. I have cPanel in Linux server, I usually update through fantastico…
@Jim, Thanks for the correction… small oversight, big grammatical error!
But, I do hope you use your correct email address next time.
@Mr. Byte, Having cPanel doesn’t mean you got shell access. Write to your hosting company and ask them to enable it. You will then need to use a SSH client like Putty.
Gerard, if you check out the link to my script above which works in a similar manner, it will create a backup of your existing wordpress installation before replacing it with the new files.
Hey Ajay
Fantastic steps to upgrade..thanks a lot..
You’re welcome Nici
Oh is it…. will ask them… already I have problem with php mail() function in my server… Probably i’ll do it through fantastico itself…
I prefer to build each new release into its own directory structure and then update the site by repointing a symlink. This means the previous version is still there so you can revert or refer to it whenever you need to. So, if you’re currently on 2.0.7:
cd /var/www/html
mv -v wordpress wordpress-2.0.7
ln -s wordpress-2.0.7 wordpress
Once you have done this (and not before!) you can upgrade using a script like this:
#!/bin/bash
NEW_VERSION=\"wordpress-2.1.2\"
cd /tmp
wget http://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
cd /var/www/html
mkdir $NEW_VERSION
cp -rfp wordpress/* $NEW_VERSION
rm -rf $NEW_VERSION/wp-includes
rm -rf $NEW_VERSION/wp-admin
cp -rfp /tmp/wordpress/* $NEW_VERSION
rm -rf wordpress
ln -s $NEW_VERSION wordpress
But, by leaving the old files, aren’t you leaving your server open for exploit?
But, by leaving the old files, aren’t you leaving your server open for exploit?
No, the old versions are not externally accessible.
Being bilingual, I can tell you that your instructions will remove the /wp-includes/languages folder which is necessary if someone is using localizations. If used as is, this would obviously break most of my clients’ websites…
Besides that, I think the thinking is sound and wish WordPress would offer some upgrade feature which would simply the whole process for everyone involved.
@Jean, Thanks for pointing this out… I’ve updated the notes above.
EasyWPUpdate is another way to upgrade WordPress and do backups of current files and database all in one script. Has been working well for me for multiple sites for the last few upgrades.
Nice one mate, this was so much simpler than doing it manually through FTP
Appreciate it!
Then there is no problem …
@Kevin, thanks for pointing this script out.
@James, you’re welcome 🙂
When you copy the new files over the old installations, doesn’t that include the new wp-content in it and will overwrite the existing one? I think there must be a step to delete the wp-content from the tarred folder so that it does not overwrite the old one before you start copy. Please correct me if I’m wrong.
#4 hari,
The rsync way is very slick indeed, I wondered I had no thought of that.
I used a port on Windows called cwrsync which did the job perfectly and took 9 seconds to update the whole site.
It would be easy to write a script to wget the latest file, untar it and rsync it all using your local machine.
@Yves, I still have to try rsync out.
@Haitham, unless you have customized the default theme (you should run your own theme), you have nothing to worry about why overwriting
wp-content
doing this worked for me, changing \”username\” to your actual regular user account name.
before running this for the first time on a server, I found I had to \”su\” in as root to have permission to overwrite existing files, so the first time I run:
1. su root
2. cd /home/username/public_html/blog
3. chown -R username *
4. su username
then the script runs fine, on this, and any future upgrades.