Hmm, I think disabling the auto updater of WordPress itself is probably a good decision. But updating through Softaculous is generally very safe. Are you sure that disabling the automatic upgrades from Softaculous is necessary? Because if that uses the same mechanism as the manual update through Softaculous, I think it’s safe to enable that.
One concern though is that the Softaculous catalog on free hosting isn’t always up to date with the catalog from Softaculous itself. So never updating WordPress by hand may result in websites with known security vulnerabilities not being updated.
According to the documentation, it’s also possible to set the update options to 'minor', which menas that only security and maintenance updates are done automatically. I personally primarily see the corrupted site when WordPress does a bigger release, not on security updates. Security updates tend to be smaller, so they may be safe enough to do automatically.
I would normally apply the update(s) (themes/plugins/WP update) 1 or 2 weeks after every release(s). This is to ensure that all kinks are sorted out. I had a few bad experiences where plugins/themes updated immediately would caused hosting account to be suspended “due to abuse”. I am playing safe using this same principle for this case. This will be at the expense of security.
Yup, had noticed this issue as well. Updated WP via ftp on quite a few occasions as well
You can just follow the official install guide. All you need for it are FTP access and to have a database set up. Creating the database can be done using the control panel or using our client area instead.
Every script in existence has their own installation instructions, and they never say “just use your hosting provider’s script installer” with no alternatives. So you are never required to use the script installer, or be limited to the script available in it.
