Published August 24, 2024

What WordPress Can Learn from the 2024 CrowdStrike Incident

In 2024, CrowdStrike’s auto-update incident knocked 8.5 million devices offline globally, making headlines and causing massive chaos. Though WordPress sites weren’t directly impacted, there’s a crucial lesson for WordPress site owners and agencies alike: automated updates, while convenient, can be risky.

Just as CrowdStrike’s faulty update grounded flights, disrupted online banking, and left healthcare systems offline, a faulty WordPress update could wreak havoc on your website’s most critical functions, like lead forms and checkout processes. The CrowdStrike incident reminds us of the potential dangers of auto-update, something WordPress site owners need to take seriously.

WordPress Updates: A Double-Edged Sword

In the WordPress community, updates are often met with caution. One wrong move can break a site, and without proper monitoring, you might not even realize it until days later. For those managing multiple sites, the stakes are even higher. One bad update across multiple sites with the same plugin stack could spell disaster.

Yet, avoiding updates altogether isn’t an option. Updates are essential for security and functionality. But blindly relying on auto-updates can be dangerous. So, what’s the solution?

Guardrails for WordPress Updates

1. Turn Off Auto-Updates: While convenient, auto-updates can introduce risks with every release. Consider disabling auto-updates across your sites or at least disable them for complex plugins that are likely to break such as page builders such as Elementor, e-commerce plugins such as WooCommerce, learning management plugins such as LearnDash, etc.

2. Automated Testing: Before any update is applied, run automated tests on your critical WordPress forms, WooCommerce checkout, and other key functions to ensure nothing breaks. These tests ideally would be done on both staging and then production once the updates are live. This approach catches issues before they impact your real users. CheckView makes such WordPress automated testing easy by eliminating the need to write custom tests or manage complex testing platforms in many cases.


Automated testing ensures worry-free updates, keeping your site running smoothly without the guesswork.

3. Visual Monitoring: Set up visual regression monitoring for your homepage, lead forms, checkout pages, and any other critical pages. Compare before-and-after screenshots to detect discrepancies, so you’ll be alerted to any unexpected changes. Tools such as Visualping.io are perfect for this.

4. Backup and Restore: Before any update, create a backup of your site. If something goes wrong, you can quickly restore your site to its previous state, minimizing downtime and protecting your business.

6. Delayed Updates: If an update breaks your staging site and there’s no immediate fix, delay the update, giving you time to work with the plugin developer or explore alternatives.

Lessons Learned

The 2024 CrowdStrike incident is a powerful reminder that automation, while valuable, must be managed carefully. WordPress site owners should take a proactive approach to updates combined with automated testing using tools such as CheckView. By doing so, you can protect your site’s critical functions and avoid the chaos that unchecked auto-updates can bring.

CheckView.io is here to help you update your site with confidence—no coding required, no guesswork involved, just safe, reliable testing before and after you run your WordPress updates!