WebARX Product

How To Auto-Update Vulnerable Plugins With WebARX?


March 30, 2020 by Agnes Talalaev

Introducing the new WebARX feature to auto-update vulnerable plugins on the Component page on WebARX Portal.

WebARX is helping web developers and digital agencies protect their whole client portfolio. Our focus on component security is helping agencies and developers feel more confident in offering care plans and keeping all their sites protected.

The component security feature available in WebARX Portal helps you to set up automatic updates. If there is a vulnerability in any of the components (plugins, CMS, themes) you use on your sites, you will receive an update.

This will help you to reduce site management time drastically. It gives you peace of mind, that WebARX protects your sites and auto-updates vulnerable plugins whenever there’s a possible threat.

What Is A Component?

A component is a piece of code that makes up your website.

Let’s take a WordPress site for an example. WordPress sites are built or put together using components. Components are for example the CMS (WordPress core), the plugins or themes you use.

Most of the time, components are built by someone else and therefore you rely on their experience, coding skills, and trust that what they have built is safe and secure.

A worrisome fact is that third-party components, such as plugins and themes account for 98% of the security issues in the WordPress ecosystem.

This is why we are focusing a lot of work towards fighting the component security problem and helping you to protect your sites with the help of the WebARX portal and firewall.

How Does The Components Page Help?

The components page allows you to see a quick overview of all outdated and vulnerable components on all your sites. It will give you a full overview of all the components you have on your site.

The components page will tell you how many different software you have installed on your sites, which sites are outdated and which are vulnerable. You will also see how many of the installed plugins are outdated or vulnerable.

Some of the features include the ability to update:

  • Everything on all sites
  • Specific sites
  • Specific components on all sites
  • Only vulnerable or outdated components
Auto-Update Vulnerable Plugins

The new auto-update feature in the WebARX plugin also makes it possible for all new updates to be installed on your sites right away without requiring any interaction.

There is also an option to only execute auto-update against plugins that have vulnerabilities.

Auto-Update Vulnerable Plugins
Update WebARX plugin to version 2.0.11 to use the update feature.

Note that in order to execute auto-updates or to adjust the auto-update settings you need to update the WebARX plugin. The installed WebARX plugin version must be at least 2.0.11.

You can learn how to check which version of the WebARX plugin you have installed here.

How To Use The Component Management Feature?

Once you are logged into the portal you see a new menu item called “Components”. You can see it in the menu on the left side. The component page contains several tabs which are described below. Clicking this will default to the overview tab on this page.

Overview

This will show an overview of your WordPress sites and their component statuses. You can see the WordPress version, WebARX version, number of components, how many are outdated and how many are vulnerable on each site individually.

Auto-Update Vulnerable Plugins
Components page WebARX Portal: Overview

There will be buttons at multiple places that you can click to execute specific update actions as described above. 

Components

It displays the status (name, current version, new version, security risk status) of all your sites of the following components: WordPress core, plugins, and themes.

Components page showing plugins used on sites added to the WebARX portal.

There will be buttons at several locations that can be clicked to execute specific actions against these components.

Logs

We log all failed and successful update actions for your own records and to determine why an update failed. In case an update failed, this will also show a more detailed error as to why it failed to execute the update.

Components page showing Logs.

Note that this will only display updates executed on the component page and not updates that were executed by any other means.

How To Auto-Update Vulnerable Plugins?

To auto-update vulnerable plugins or the software installed on your websites you need to navigate to the Auto-Update Settings page. This allows you to see the current auto-update settings of your WordPress sites with the ability to update it on all sites individually or globally.

Auto-Update Vulnerable Plugins
Components auto-update page on WebARX Portal.

The auto-update feature is executed on the site itself. It means that the current status is retrieved from your sites one at a time. We don’t store the auto-update date settings on our side.

The auto-update status can hold 3 different statuses: disabled, enabled and unknown.

How to turn on auto-update on a site on WebARX Portal.

If a site has its status set to unknown, it means that we could not retrieve the settings from the site due to not being able to reach the site, timing out or the site returning an invalid response that we could not parse.

Ready to start using auto-update feature on your sites?

Go To WebARX Portal

What are components?

A component is a piece of code that makes up your website.

Let’s take a WordPress site for an example. WordPress sites are built or put together using components. Components are for example the CMS (WordPress core), the plugins or themes you use.

How to protect sites from plugin vulnerabilities?

We are focusing a lot of work towards fighting the component or plugin security problem and helping you to protect your sites with the help of the WebARX portal and firewall.

In order to protect your sites from component vulnerabilities, you need to monitor updates and vulnerabilities. We send daily automatic updates (virtual patches) to WebARX firewall to make sure the sites are protected.

How to enable auto-updates on WordPress websites?

WebARX allows you to auto-update all your WordPress sites from one dashboard. You have the ability to update all sites individually or globally. You can also choose to update only vulnerable sites.

Can I auto-update vulnerable plugins only?

Yes, with WebARX you have the possibility to update vulnerable plugins automatically.

WebARX Product

suggested articles

Start your free 7-day trial now

Protect your websites from malicious traffic - set-up in under 3 minutes.

Try it now

WebARX is compatible with the following platforms:

PHP
WordPress
Magento
Drupal
Joomla