Who needs to do this?
Anyone hosting a website on the Public Linux / Volweb server (sites hosted on volweb.utk.edu/~netid).
Note: Those running a site with a Custom / Vanity URL (name.utk.edu) do not need to follow the manual steps. They may continue to update their website(s) through the WordPress dashboard.
Why does this need to be done?
Two-factor authentication is in place across most university technologies and is now required on the OIT Public Linux servers. Due to this change, Volweb sites running WordPress can no longer perform WordPress, plugin, and theme updates through the WordPress dashboard. Volweb-hosted sites (websites with the URL “volweb.utk.edu/~netid”) require a manual update process to securely access the UT Public Linux environment. Perform WordPress updates by connecting to the Linux server through a Secure File Transfer Protocol (SFTP) client (preferred) or Secure Shell Host (SSH).
The 2FA changes will affect your WordPress site in two ways:
- WordPress updates cannot be made through the WordPress dashboard.
- Plugin and Theme installations/updates cannot be made through the WordPress dashboard.
How often do WordPress updates need to be done?
It is good practice to schedule monthly or semesterly maintenance and security checks by logging into WordPress and checking the Dashboard. Check for a red dot next to the Updates button in the Dashboard altering you that there are updates to plugins.
Items to prepare beforehand
- Have your login information at hand.
- You will need your UT NetID & password to log into your Public Linux account.
- You will need your unique Volweb / WordPress username and password to log into your WordPress dashboard (volweb.utk.edu/~netid/wp-admin). Your username is likely to be your UT email. If you need to reset your password, select “Lost your password?” and follow the prompts.
- Be sure you have an SSH/SFTP client (preferred) or working knowledge of Secure Shell. SSH (Secure Shell) and SFTP (SSH File Transfer Protocol) clients are applications used to securely transfer files to a server, and usually look very similar to the folder structure on your computer.
How to update a plugin
Access the WordPress Dashboard
- Log in to your main WordPress admin page at volweb.utk.edu/~netid/wp-admin.
- Locate the detailed information for each plugin by selecting Plugins from the left menu. Then, select View details or View version (0.0.0) details.
- Note: DO NOT click the “Install Update Now” button at the bottom of the panel. INSTEAD, locate and click the WordPress.org Plugin Page >> link in the right of the panel.
- Download the plugin to your desktop and unpack/unzip the plugin file.
Access Your OIT Linux account
- Using your SSH/SFTP client, log in to your Public Linux / Volweb account.
- You will be prompted for a DUO authentication push. You will either need to enter a passcode from your Duo app or token, or enter 1 to receive a push notification to the Duo app. The prompt will look something like this:
- Locate your plugins directory on the server under public_html > wp-content.
- Upload the new plugin folder from your computer to the plugins directory.
Return to the WordPress Dashboard
- From the WordPress Dashboard on your website, refresh the site by clicking on the refresh button.
- Navigate to the new plugin by selecting Plugins from the left menu.
- Locate the updated plugin from the list and select Activate.