At MODX, we provide managed hosting for various content management systems (CMS), primarily MODX and WordPress. This article clarifies the patching responsibilities and provides guidance on staying up-to-date with your CMS and its components.
Server-Level vs. Application-Level Patches
Server-Level Patches
- Responsibility: MODX (us)
- Coverage: Operating system, web server, PHP, and other server-level software
- Process: We apply these patches automatically based on severity levels
Application-Level Patches (CMS, themes, plugins)
- Responsibility: You (the customer)
- Coverage: MODX, Laravel, WordPress, Drupal, Joomla!, or other PHP applications, including the core, themes, plugins, and custom code
- Process: You need to apply these updates through your CMS admin panel or by following the process as outlined by the software vendor for upgrades
Patching for MODX Sites
- Extras (Plugins) Updates:
- Regularly check for updates in the "Extras" section of your MODX Manager
- Extras and Plugins are updated the most frequently for virtually all CMS platforms
- Core Updates:
- Check for MODX core updates in your MODX Cloud Dashboard or on the main MODX Manager page after logging in
- We always recommend backing up your site before applying core updates
- Custom Code:
- You are responsible for maintaining and updating any custom code or templates
Patching for WordPress Sites
- Core Updates:
- WordPress often releases automatic background updates for minor versions
- Major version updates need to be initiated from your WordPress dashboard
- Theme and Plugin Updates:
- Check for updates in the "Updates" section of your WordPress dashboard
- We recommend backing up your site before applying updates
- Custom Code and Child Themes:
- You are responsible for maintaining and updating any custom code or child themes
Best Practices
- Regular Check-ups: Set a schedule (e.g., weekly) to check for available updates
- Staging Environment: Test updates on a staging site before applying to production
- Backups: Always backup your site before applying updates
- Security Plugins: Consider using security plugins that offer vulnerability scanning
Notifications and Reports
- We do not provide notifications for CMS, theme, or plugin updates
- Your CMS dashboard (MODX Manager or WordPress Admin) should show available updates
- For detailed reports on your CMS and plugin versions, consider using specialized security scanning tools
Support
Please contact our support team if you need assistance updating your CMS or have concerns about a specific update. While we don’t directly handle CMS-level updates, we can provide guidance and best practices.
Remember: Keeping your CMS, themes, and plugins up-to-date is crucial for maintaining the security and performance of your site.