A smooth and painless transition from old wordpress site to a new one?
September 22, 2014 4:15 PM   Subscribe

So I have a little website for my business. I made it using WordPress 3.3.1 and Thesis 1.8. Got hacked and website is ready for a refresh. I am ready to move to Wordpress 4 and thesis 2.1. Some complications inside. Help?

Ninja Mefi Webmasters help!

The reason I procrastinated so long is because I have multiple plugins that were not compatible, and I was scared to break the site up.

Website got hacked a few months ago, we restored it, but apparently now runs a nasty scripts that adds hidden junk sites links to each post. So now we really have to have a new start, like yesterday!

The best idea I had so far, was
1. create a new folder on my webhost.
2. create the new website with the updated worpdress and thesis and copy paste all the content from the old website while maintaining the old address paths.
3. somehow make this new website invisible so google doesn't index it, to avoid content duplication (read somewhere that Google doesn't like duplicate content).
4. after I absolute make sure the new website works seamlessly and maintains the old links, simply delete the old folder and copy the new folder contents to it.
5. victory?

We get the bulk of our business online, so having the website down, or hurt it seo and linkage for a few months could really hurt us. Any other solutions? Willing to pay $$$ for premium services.

Is this my best bet? Am I overcomplicating it? Are there any easier more streamlined solutions?

Thanks and looking forward for your wisdom!
posted by Sentus to Computers & Internet (6 answers total) 3 users marked this as a favorite
 
First, your web host should have regular backups. I would absolutely see if you can get a clean copy of the content from just before it was hacked.

There are several different ways to organize yourself-- a clean new installation and port the content, upgrade a copy of your old site, etc. It is relatively trivial to install WP to a sub-directory, then remap it to your default address after you have tested it. In the meantime, yes, you can set up your robots.txt to manage which pages are indexed by search engines.

I think that if you reinstall from a clean backup, you won't have to worry about remapping pages and urls, but if that's not true for whatever reason, there are WP plugins that will do bulk search and replace throughout your content, which I have used under similar conditions. You can always do the updates directly in the database, but I found the plugins to be convenient for managing backups and S&R quickly and easily. Something that would take days updating by hand takes 90 seconds instead.
posted by instamatic at 4:30 PM on September 22, 2014


WP has pretty good documentation, and this kind of question is a bit hard to answer generically, but here are some places to start:

Updating WP: http://websynthesis.com/updating-wordpress/

Hiding pages from search engines: https://support.google.com/webmasters/answer/6062598?hl=en

Install WP into it's own directory: http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory

(Sorry for clunky links-- posting from phone.)
posted by instamatic at 4:37 PM on September 22, 2014


Fixing a hacked WP website can be anywhere from not all that hard to quite difficult and time-consuming, depending on the hacks that happened.

I do Wordpress stuff as a side business (I charge by the hour) and can definitely fix it for you, and help you with some hardening and security stuff afterwards so it doesn't happen again. MeFi mail me if you decide you'd like to just spend some money to let someone else fix it for you, and I can let you know how much it might cost.
posted by stavrosthewonderchicken at 6:32 PM on September 22, 2014


Oh, and in case you decide to try to fix it yourself: the actual on-disk files (php/js mostly) that are the site itself are probably compromised. There are plugins available for free at wordpress.org to help you scan for those (although false positives and so on do happen). A clean site with a fresh install of WP and fresh copy of the theme you're using might fix that up. It's possible that your .htaccess files have been compromised, so that needs a look too.

It's also possible that the database was compromised, which is considerably harder to track down and fix, because even if you replace all the files, if there is naughty code injected into the db, that's going to reappear until it gets scrubbed.

Some (usually automated) hacks also target your wp-uploads folders, where all your image etc uploads live, and put executable php files in there, so all of them need checking as well. Just copying that user content over to a fresh site might well copy over that stuff as well.

Your problems could be arising from one or more of any of these.

It's a nightmare getting a WP install hacked, and one I've fixed for myself and others too many times over the years. Thank goodness for the advent of new and helpful plugins in the last year or two that focus on fixing some of the more glaring holes that get exploited -- they've dropped the frequency of having to deal with it, on my sites at least, from once or more a year to pretty much never, these days (despite getting constantly hammered by bots looking for openings, sometimes on the order of tens of thousands of bot-hits per day when a storm hits).
posted by stavrosthewonderchicken at 6:45 PM on September 22, 2014 [1 favorite]


I used WP Valet earlier this year to move a site with tens of thousands of entries and found it to be quick and reliable. Definitely a lot easier than doing it myself. My one caveat: they did not properly handle high-level characters when moving the database, so I had to fix that myself (there's a plugin that fixes it, actually, that works a treat).
posted by Mo Nickels at 10:41 AM on September 23, 2014


If you're moving a WP site wholesale, I used and can't recommend Backupbuddy highly enough. It's paid, but worth every cent. Doesn't help you much if you need the site cleaned before moving it, though.
posted by stavrosthewonderchicken at 2:58 PM on September 23, 2014


« Older Keeping those bridges strong, strong, strong   |   Having Trouble Finding/installing Mac OS 10.10... Newer »
This thread is closed to new comments.