← Back to blog

Delaying Updates Isn't Safety — It's Deferred Risk

The 'don't touch it, it's working' approach to client WordPress sites feels safe and quietly builds the biggest incident of all. Here's the trade you're actually making.

Ben KalskyCo-founder & Engineering, Digitizer · · 2 min read
WordPressSecurityUpdatesAgency OpsSiteAgent

Every agency has a few sites like this: working, profitable, and frozen. Nobody updates them, because the last time someone did, it broke, and now the unspoken policy is "don't touch it." It feels like the responsible choice. It's the opposite.

This is an illustration, not a specific customer — but you already know which of your sites it describes.

The trade you're actually making

Delaying an update doesn't make the risk go away. It moves it, and it grows it:

  • Security debt accrues. Every unpatched release adds another known vulnerability with a public signature. The frozen site isn't stable — it's a widening target.
  • The jump gets scarier. Skip updates for a year and you're not applying one version bump, you're applying twelve at once — across plugins that changed under each other. The longer you wait, the more likely the eventual update breaks.
  • The incident picks the time, not you. A controlled update happens on a Tuesday morning when you're watching. A compromise or a forced-update happens whenever it happens — usually at the worst moment.

So "don't touch it" doesn't buy safety. It buys a bigger, less predictable incident, later.

Where it bends: make current the safe option

The reason agencies delay is that ungoverned updates are genuinely risky. Remove the risk and the reason to delay goes with it:

  1. See what's pending, fleet-wide. Know exactly which updates are waiting on which sites, and which ones are security releases you can't afford to sit on.
  2. Separate routine from risky. Most updates are boring. Let the boring ones flow through health-checked plugin batches that revert automatically on failure; hold the risky ones for a look.
  3. Keep a real safety net. Snapshots before plugin changes, and recent backups for core and theme, so "current" never means "unrecoverable."
  4. Log it. Every action approved and audited, so staying current is a routine, reviewable process — not a nerve-wracking event.

The honest boundaries

  • Automatic rollback covers the plugin batch path; core and theme updates run governed but without automatic revert — keep a backup for those.
  • Governance shrinks the risk of updating; it doesn't make any single update impossible to break. The point is that a break is caught and reverted in minutes, not discovered by a client.

Current is the safe state

Frozen sites feel safe and age badly. The way to actually be safe is to make updating so low-risk that there's no reason to defer — visible, reversible on the plugin path, and logged.

That's what Aura's SiteAgent plugin is for. It's free and open source; connect your first site to see its pending updates and health in a minute. The governed rollout-and-rollback flow runs on a paid plan — see pricing, or work the numbers on the care-plan margin calculator.

Frequently asked questions

Is it safer to delay WordPress updates?
No — delaying trades a small, controllable downtime risk for a growing, uncontrollable security risk. Unpatched plugins accumulate known vulnerabilities, and the longer you wait the bigger the eventual update jump becomes, which makes it more likely to break. Delay doesn't remove risk; it compounds it.
Why do agencies delay client updates?
Because updating a live client site is a gamble without guardrails: one bad update means downtime, a client call, and an emergency fix. Delay feels safer than that. The real fix is to make updates safe — visible, reversible on the plugin path, and logged — so there's no reason to defer them.
How do you stay current without breaking client sites?
Put visibility before automation: know what's pending across the fleet, gate the risky updates for review, apply routine ones through health-checked batches that roll back on failure, and keep backups for core and theme changes. Current and safe are not opposites once updates are governed.
← Back to all posts