Auto Instal Of 2020 and 2019 Themes During Updates
-
A number of times I have noticed that during WordPRess Core updates the TwentyNineteen and TwentyTwenty Themes get installed automatically.
As per good security process I remove all un-needed code to ensure a smaller attack surface for crackers.
One part of this is removing all unused themes. These themes are not 100% secure, as evidenced by security updates etc in the past.
What is now happening is during some updates the themes are getting re-installed. I just rescued a site with WP 4.9 on it, got the code up to scratch and ran updates. 2019 and 2020 themes were reinstalled – and then to add insult to injury stated they were out of date versions and themselves needed to updated to a more modern version (0.5 version leap from memory).
1 – Core updates should never add in themes, plugins and other similar code. That’s purely a user’s choice
2 – Core updates are for just that – core. Not extra code like themes.Is there some way to ensure this doesn’t happen again. Its happened a few times. The first couple I thought I was getting old and and forgotten to clean them out – but a test proved it wasn’t me going nuts.
I know how to stop it – make folders with the same names as the themes and lock them at file level – but I suspect that would just add a failure to the updates process.
TIA
- The topic ‘Auto Instal Of 2020 and 2019 Themes During Updates’ is closed to new replies.