Public Linux Environment: Manually Update WordPress

Overview

This article provides information and instructions fo manually updating WordPress in the Public Linux Environment. 

Who Needs To Do This?

Anyone hosting a website on the Public Linux / Volweb server (sites hosted on volweb2.utk.edu/~netid).
Note: Those running a site with a Custom / Vanity URL (name.utk.edu) do not need to follow the manual steps. They may continue to update their website(s) through the WordPress dashboard.

Why Does This Need To Be Done?

Two-factor authentication (2FA) is in place across most university technologies and is now required on the OIT Public Linux servers. Due to this change, WordPress and plugin/theme updates can no longer be made through the WordPress dashboard in Volweb sites. Volweb-hosted sites (websites with the URL “volweb.utk.edu/~netid” or “volweb2.utk.edu/~netid”) require a manual update process to securely access your Public Linux environment. Perform WordPress updates by connecting to the Linux server through a Secure File Transfer Protocol (SFTP) client (preferred) or Secure Shell Host (SSH) client to run updates.

The 2FA changes will affect your WordPress site in two ways:

1. WordPress updates cannot be made through the WordPress dashboard.
2. Plugin and Theme installations/updates cannot be made through the WordPress dashboard.

How Often Do WordPress Updates Need To Be Done?

It is good practice to schedule monthly or semesterly maintenance and security checks by logging into WordPress and checking the Dashboard. Check for a red dot next to the Updates button in the Dashboard altering you that there are updates to plugins.

Items To Prepare Beforehand

1. Have your login information at hand.
   1. You will need your UT NetID & password to log into your Public Linux account.
   2. You will need your unique Volweb / WordPress username and password to log into your WordPress dashboard (volweb2.utk.edu/~netid/wp-admin). Your username is likely to be your UT email. If you need to reset your password, select “Lost your password?” and follow the prompts.
2. Be sure you have an SSH/SFTP client (preferred) or working knowledge of Secure Shell. SSH (Secure Shell) and SFTP (SSH File Transfer Protocol) clients are applications used to securely transfer files to and from a server, and usually look very similar to the folder structure on your computer.
   • Download an SSH/SFTP client:
     • WinSCP (PC), Cyberduck (Mac), or FileZilla (PC and Mac)
   • OIT Knowledge Base Directions:
     • How to download an SSH/SFTP client   
     • How to install an SSH/SFTP client
     • How to configure an SSH/SFTP client to connect to your Public Linux / Volweb account
3. Off-campus? You will need a secure VPN connection to UT’s network.

Manual Steps To Update WordPress

Prepare for the WordPress Update

From a web browser:

1. Download the latest version of WordPress.
2. Unpack/unzip the WordPress file.
3. Log into your WordPress site by going to volweb2.utk.edu/~netid/wp-admin and entering your Volweb username and password.
4. In the WordPress dashboard, select Plugins from the left menu. Under the name of each plugin, select Deactivate.

Access Your OIT Linux Account

Using your SSH/SFTP client, do the following:

1. Log in to your Public Linux / Volweb account.
2. You will be prompted for your password. Enter your NetID password and click OK.
3. You will receive a secondary prompt for 2FA – you will either need to enter a passcode from your Duo app or token or enter 1 to receive a push notification to the Duo app.
   
4. Locate your public_html directory.
   
5. Create a backup copy of your website directory by downloading the public_html folder to your desktop. This may vary slightly across different SSH/SFTP clients, but most have several options for downloading a copy of a directory. In your SSH/SFTP client, try one of these:
   1. After selecting the public_html directory, go to File > Download in the toolbar at the top.
   2. Right-click or control-click the public_html directory and choose Download.
   3. Click and drag the public_html directory from the SSH/SFTP client to your desktop.
      ​​​​​​​Note: While details of secure shell are not covered here, note that updates completed using secure shell will require specific command lines.
6. Go into public_html from server…
7. In a separate file window, open the unzipped folder on your desktop of the downloaded WordPress files and open ‘wordpress’ folder.
   ​​​​​​​Note: Make sure the WordPress folder you upload is the one WITHOUT a version number. The folder should ONLY say “wordpress”. Renaming the outer folder is not a solution, the folder you need is just inside.
8. The wp-includes and wp-admin directories:
   1. This process requires you to DELETE existing folders and UPLOAD new folders.
   2. On Public Linux, delete the wp-includes and wp-admin directories within your public_html folder. Then, upload the newly unpacked wp-includes and wp-admin directories from the downloaded WordPress on your desktop to your public_html directory on the server.
9. The wp-content directory:
   1. This process requires you to OVERWRITE files on the server. Do NOT delete this directory.
   2. Open the wp-content folder on Public Linux. On your desktop, locate the loose files inside the wp-content folder and upload them to the wp-content folder on Public Linux.
10. Go to the public_html folder on the server (linux.oit.utk.edu) and pull up the window with the downloaded WordPress directory on your desktop
11. Upload all new loose files from the downloaded WordPress on your desktop to your public_html directory on the server.
12. Optionally, check the new wp-config-sample.php file, to see if any new settings have been introduced that you might want to add to your own wp-config.php.

Check the WordPress Dashboard and Reactivate Plugins

​​​​​​​From a web browser:

1. Log In to your main WordPress admin page at volweb2.utk.edu/~netid/wp-admin.
2. Confirm that WordPress updates were completed by checking your WP dashboard by clicking Updates. You should see a note that states, “You have the latest version of WordPress.”
3. Reactivate Plugins by selecting Plugins from the left menu. Select Activate for each Plugin listed within your site.

Additional Support Documents

WordPress Update Guide

https://wordpress.org/support/article/updating-wordpress/#manual-update

WordPress Database Backup Instructions

https://wordpress.org/support/article/backing-up-your-database/#more-resources

Looking for a Simpler Web Hosting Solution?

OIT also offers OIT-Supported WordPress. The OIT-Supported WordPress environment is designed to allow users to manage content while OIT administrators maintain WordPress, installed plugins, and the underlying operating system. UT faculty and staff can request a site, and all OIT-Supported WordPress sites must be in the UT web template and will operate with an OIT-selected set of plugins. See a comparison of VolWeb and OIT Supported WordPress here.