I have a wordpress website that I maintained entirely through the wordpress admin dashboard. We don't use a staging server or FTP client etc.
I need to make some big upgrades to the the theme version and some plugin versions to fix some bugs.
Is there a way to back up the website or anyway that I can revert to the current setup before I proceed with this? Is there any tools or plugins that I can use for this?
Thanks
You can use this plugin to have backup of your website. Good thing is, it takes backup of db as well. https://wordpress.org/plugins/backupwordpress/
It would be risky on your end to make big upgrades without at least an FTP access, even if you have a backup plugin, when your website breaks up, you can't restore it anyways.
If you really need to do it, just do the updates in small increments, from small plugins to the biggest ones.
Related
I have seen lots of critical errors on my WordPress website. I attached a screenshot below that shows some of these issues. Please look at this and provide some suggestions so that I can fix this problem.
Thank you so much.
Depends how badly broken your site has become.
What is it doing to make you think it's been hacked? Is it just the warnings in the Wordfence scan report?
Before going much further you should for sure grab a backup of your database, wp-config.php, and the contents of the directories wp-content/themes, wp-content/uploads, and wp-content/plugins. Might be a good idea to make a separate backup of the entire WordPress installation directory.
Since you can still access the administration panel, might as well change your password just to be safe. Are there multiple users for your WP installation?
What changes have been made if you click "Details" button in the Wordfence scan?
If you're sure changes to the wp-core files are due to a hack, you can try to repair them using Wordfence's repair feature--it'll restore them to their base WordPress version. But if significant differences are showing for dozens of core files, might be a good idea start over with a clean installation of WordPress.
You'll also want to track down what allowed these malicious changes to be made (has an unknown IP logged into your administration panel recently? Are you using a plugin with a known security issue?), or it'll just happen again.
I have a Wordpress site I need to clone for testing purposes. I used Open-Shift to host the scratch site that I will be working on. As for cloning, I am using the WP Clone plugin. When I create a backup file on the real site, it works, and then I paste the URL on the restore for the scratch site. When I go to my scratch site however, none of the content is their, and I have to re-setup Wordpress. Is there another, better, more reliable way to clone a Wordpress site, or am I doing something wrong?
I have used WP-Clone quite a bit, and unfortunately in this scenario, it is the most solid plugin I have found. If you want to go the same route you have been (ie: use a plugin)...you have multiple options. You could check out:
https://wordpress.org/plugins/all-in-one-wp-migration/
And if you don't mind a little bit of complexity - the most comprehensive solution is probably more like:
https://wordpress.org/plugins/duplicator/
I hope that helps. Sometimes those types of plugins can be a little buggy - and it is still a good idea to scan your database to make sure the information was transferred correctly.
Also, have you checked your wp-config file to make sure it is pointing at the correct database on the new site? Sometimes that requires a manual change, as they differ.
Cheers.
I got in charge of some small sites that are running on WP 3.5; they are all using the same theme (a customized version of Bones). I have only used Joomla some years ago so I have no idea if, after the upgrade, the theme will still be compatible. I want to upgrade my WP version because the current one is vulnerable: I keep getting spam links into my articles that are placed inside hidden divs.
How can I know if the template is compatible or how can I fix the security issue. Any of these will do great.
Thanks!
WordPress does a very good job of changing very little with regards to theme tags in a core update. That said, we have no idea how your theme(s) have been made, or what functions they use.
The best, and probably only realistic option here, is to create a test site (a duplicate) and update that site first, then test to make sure all is working as it should.
As for the vulnerability, this is likely due to an insecure admin password or an insecure plugin. You should ensure all your plugins are up to date and that your admin panel is suitably secure.
When you update wordpress, it will not affect the wp-content folder which is having themes and plugins. So, don't worry update it. But for the secure updation, please take the backup of whole website first. Take backup of database and all files before doing any update.
WP 4 hasn't been out that long. I'd hold off on the upgrade unless you absolutely have to, until you know that all of the plugins used on the sites are compatible w/ WP 4.
Try to install the site on your PC creating a local copy using XAMP (for Windows).
In this way, you can:
download the MySQL database to have all the information of the
website locally;
install the latest wordpress platform locally (on your PC);
test the website thorugh common browsers.
At the end, you'll be sure about the compatibility and you can update the main site.
I have built my own theme with the Artisteer software; then i modified many PHP file to manage the loop in some special ways; so, to be sure that everything is working after an update of the site Wordpress version, i test everything on my PC.
For the vulnerability, please verify your plugin and all your theme file.
In some experiences, there are some plugin or simply some codes place somewhere in your theme which can create something like this:
> <div id="headerblock"> <center> <div style="left: -2227px; position:
> absolute; top: -3337px">
The only thing to do is check all the theme file and plugin to see where this code is placed.
Please check here for more information.
If you only change your password, probably it will not solve you problem because the malicious code is already inside your system.
Sometimes the malicious code can be placed directly inside the MySQL database.
I was building a theme for a client of myne on mamp. When time came to update the theme on the development server, under appearances --> themes, I accidentally deleted the theme I was working so hard on! (I thought I was on the development server wordpress site, not on the local one)
I still have everything open as it was. Is there any way to recover wordpress' delete on my local server?
Assuming that the files are not in the Trash can, there are a few utilities available that may be of some assistance.
This article covers two of the most popular http://www.cultofmac.com/67472/how-to-undelete-files-in-mac-os-x-macrx/
In the event the link dies, the two recommended utilities are
SubRosaSoft FileSalvage
Prosoft Data Rescue
Good luck!
In a wordpress installation we want to have our main site, and a staging site separated and different. Where in the admin interface you separate your staging area?
Let's say:
for production you will have: http://www.yourdomain.com/
but for staging we want to have: http://www.yourdomain.com/staging
Staging is the website that will be in production next.
Any ideas?
With Wordpress 3.0+ you might be able to create a network of sites or install multiple sites with an older version of Wordpress. The catch is I don't know of an easy way of moving the staging to production. I'm not entirely sure that will do what you want, but you may want to look into it.
Personally I'd think you'd probably be better off keeping your staging and production sites on 2 different servers and just do a copy over when you move to production.
I don't know of any instant, simple answers, but have you seen this article in the Wordpress support forum? It has some informed discussion and at-least partial solutions:
http://wordpress.org/support/topic/one-wpseveral-servers
If your staging site doesn't need any database modification, or custom forms/widgets for the backend, you can create a new theme, and test it in the preview mode. When done, you can switch the theme to the new one!