How to move a WordPress site in 10 minutes or less

WordPress Hosting

I’ve had a VPS server at for years to host UseStrict Consulting and other websites. I really enjoyed having root access and all the liberties that come with it. It was going really smoothly until I decided to try out Bitnami instead of the native PHP + Apache installs on my Ubuntu server – “if it ain’t broke…”, right?

But I did touch it and it did break. It turns out Bitnami has some php-fpm memory leaks that I couldn’t get around, and I figured I’d had enough of having to do sysadmin work for the time being. I decided I’d move to a managed hosting company where they’d take care of those issues for me. After some digging, I heard great things about SiteGround (yes, it’s an affiliate link – I like it so much that I endorse it) and decided to try it out.

After moving a few of my sites, I thought I’d share my experience on how to move a wordpress site. Yes, the title says it’s done in 10 minutes or less – I have it down to less than 5, honestly. It depends on how much practice you have, so your mileage may vary. :)

The rest of this article will assume that your new host give you access to cPanel and simple one-click WordPress installs. Let me know in the comments if you want the non-cPanel version and I’ll write it up.


Here are the ingredients you’ll need for a quick and easy move:

  1. SSH or SFTP Access to both old and new servers;
  2. cPanel access on the new server;
  3. Access to your domain’s DNS settings;
  4. Remember to replace all occurrences of below with the domain you’re moving;

If you’re not familiar with SSH, you’ll be able to do everything using SFTP and other tools like phpMyAdmin, but I find SSH faster. If you’re stuck with a Windows computer, look into getting PuTTY installed. In my days of having to use Windows, I’d also always use Cygwin.

Move a WordPress Site

The first thing you need to do is make sure your new host is ready to receive your domain. Go to your cPanel Home and set up the domain you want to move. If it’s your account’s primary domain, that’s already done. If it’s a secondary domain, create it as an Addon Domain. Let’s assume it’s an addon domain.

Creating an Addon Domain

Click on the Addon Domain icon in the domains section of cPanel. You’ll be taken to a page with a form to set up the new domain.

cPanel Addon Domains Icon

cPanel Addon Domains Icon

Fill in the form with your new domain. The rest (except for the password fields) will automatically be filled in for you. Feel free to change the default values, but for the purpose of this tutorial, we won’t change anything.

Create an AddOn Domain

Create an AddOn Domain

Click ‘Add Domain’ and this part is done. Next, we set up WordPress on the new domain.

Setting up WordPress

Back in your cPanel home, look for and click on the WordPress autoinstaller. Yes, you can choose to install WP yourself, but then you probably wouldn’t need these steps at all. But I digress…

cPanel Autoinstallers

cPanel Autoinstallers

SiteGround uses Softaculous to install applications. Granted, I don’t have much experience with cPanel (I’ve always done stuff manually) so I don’t know if it’s something every host uses or not. When you click on the WordPress autoinstaller, you’re taken to the Overview screen in the installer page. I’ve done this a few times now, and for some reason I’m wired to look for an install button at the bottom of the page. It’s not there. Look for the blue install button right next to the Overview tab.

WordPress Install Button

WordPress Install Button

Once you click on the ‘Install’ button, you’re presented with some basic fields to fill in. As you’re moving your site from your old host here, you really care about the following only:

  • Protocol (whether it’s HTTP or HTTPS)
  • Domain (select the AddOn domain that you just created)
  • Directory (leave empty to install WordPress under /home/youraccount/www/
  • Language (select the language of your existing WP install)

Now, you’ll have to live with the fact that the database name and credentials will be different, so if you have any third-party connections to your existing WordPress install, make sure to change them later.

Click ‘Install’ and wait until the progress bar finishes. You’re now ready to receive your old WordPress.

Export Your Old WordPress

The main thing here is that you want to export a dump of your old WordPress database. I use the terminal via SSH whenever I can. If you don’t like to use a terminal and SSH, export it via phpMyAdmin.

This is what I’d typically do via the terminal (on the old server):

$ mysqldump -u <username> -p  <database> | gzip -c > old-wp-dump.sql.gz

Adding the password to the command line isn’t safe, so we leave it out and get prompted for it after we hit enter. Note that we’re also compressing on-the-fly.

Once you’re done with the database, make sure to create a tarball of your old wp-content directory as well.

$ cd /path/to/wordpress/install
$ tar -czvf old-wp-content.tar.gz wp-content/

Download both files to your computer (or leave them temporarily in a place where you can access them via a browser on your old server).

Import Into the New Server

Now we need to get those two files into the new server. I’m still using SSH, but you can use SFTP if you want to.

First thing to do is to back up your new server’s automatically-created wp-content directory (or rename it using SFTP):

$ mv /path/to/www/ /path/to/www/

Back up the automatically-created database. You can find the credentials in your new wp-config.php file.

$ mysqldump -u <new-username> -p <new-database> | gzip -c > new-wp-backup.dump.sql.gz

Now move the old server’s files to your new server. If you chose to leave them in a place accessible via a browser, you can use wget (if it’s available in your new host – it is on SiteGround) to download them directly to your server. Otherwise use SCP or SFTP to upload them from your computer.

We’ll need to uncompress the files soon. Unfortunately, SiteGround doesn’t have gunzip, but you can get around that with gzip -d (and even create an alias for it in your ~/.bashrc file – alias gunzip="gzip -d ")

It’s time to do the actual move. The following commands will read the compressed information and handle them accordingly. To import the database, use mysql:

$ gunzip -c old-wp-dump.sql.gz | mysql -u <new-username> -p <new-database>

Again you’ll be prompted for the password after hitting enter. All of the old tables will be created, replacing the new ones as long as you used the correct table prefix when you ran the autoinstaller.

Now uncompress your old wp-content:

$ mv old-wp-content.tar.gz /path/to/www/
$ gunzip -c old-wp-content.tar.gz | tar -xf -

Replace the Auth Keys and Salts

WordPress uses several Authentication Keys and Salts. In order to avoid issues logging into your new server’s install, you’ll have to replace the salts in the new wp-config.php with the ones from your old one.

The entry in wp-config.php typically looks like this:

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY',         ';LM|C1Op{p`aE>6 FTO64{n#J2c,5KDK6:UxO.OGjHp[`<d%Wj<Fxid-Y_3}#rIn');
define('SECURE_AUTH_KEY',  '6b*K_`ie.A7b2):A-0&|arFv]+b04hT2g93TTRUJHBfp>DL=vJ-a}A9Rh:POjGg@');
define('LOGGED_IN_KEY',    'Q8853bl6ZP-F>r(>wpJhbQu>M|Jt{b6zCcUwR3oyA/6+y<~l#-~,JA-WE.L{ht+@');
define('NONCE_KEY',        'GzVYsIDpbKi%4,xVODWZRE3w?}ez9He@p7wD>I=cM VF[u6AuQF20Cta)Hr9s<hh');
define('AUTH_SALT',        'FmSUv`pq2|%K}yb~r*e)+(,G1}:7I7;/TBxg>h_Ejm0HDD:Y^G&x,yf9t9IRD$3p');
define('SECURE_AUTH_SALT', 'C,QO;+Iu0xw&U}x7}+O_2PS#wn:&z?zh5:75Ys}b[emM2W@.0RT|;dgR+R<u8%[B');
define('LOGGED_IN_SALT',   'T_[R}qRiDS2Ye2z|V:A8?ogn,nU[}[+!wcD#W!X.2)ZC8n5*)sC*Y%Ks*&vo++eT');
define('NONCE_SALT',       '[lP_CFP70&i6l- )z(6Cw <o<0ZDG?sxJ&o&.t|m!xkX!z3$QLB.[dG9XRHE^ yd');

Test It

Your migration is now ready for testing. Pull up your new server’s IP address from your cPanel home and add it to your /etc/hosts file (C:\Windows\System32\Drivers\etc\hosts in Windows)

Save the file and test your website. You should not see any difference at all when viewing it or logging in.

Once you’re satisfied, change the DNS A entry to point from the old IP to the new IP and that’s it! You’ve moved your website successfully. Allow for a couple of days of DNS propagation before taking your old one down.

As an added bonus, if you’re dealing with a high-traffic site that gets lots of database changes, you can set up Remote MySQL connections in cPanel, whitelisting your old server’s IP for incomming connections, and then change your old server’s wp-config.php to connect to your new server’s MySQL database. That way changes coming from people who still have a cached DNS entry pointing to the old server will be made on the new database automatically.

A Technical SBI! for WP Review

SBI! for WP

It’s no secret that I spend my days working for SiteSell. I joined the SiteSell developer team as a Perl programmer in 2010 to work on their SBI! product. This was shortly before starting to develop WordPress plugins during my free time.

SBI! is a suite of tools to help entrepreneurs build online businesses, regardless of the niche – from cat pictures, to everything asphalt, birthday cakes, costumes – you name it, I’ve seen it! And they’re all very happy campers. SBI! offers them the Action Guide (a huge online book containing steps to follow to get their business up and running), hosting, a site builder, and a ton of other support tools. Perhaps one of the most important is Brainstorm It! – a keyword tool that helps people find their niche and decide which keywords to use in their content, based on interest (monthly searches) and competition (number of sites using the keyword).

One thing SBI! wasn’t prepared to do, however, was help struggling WordPress users with their own sites. So I took it upon myself to try and convince management to address this problem, due to my love of WordPress and its plugin interface.

Fast forward a few years and I find myself as the lead developer for SiteSell’s WordPress division, working on SBI! for WP, an adaptation of the tried and tested SBI! product.

Mike Allton, Susanna Perkins, and myself made up a team tasked with using The Lean Start Up methodology to find out how to best supply SBI! tools to a WordPress audience. After several months talking to bloggers and infopreneurs, we came to the conclusion that adapting Brainstorm It! to work within WordPress would be the best way to get started. And so SBI! for WP was born.

Review of the SBI! for WP Initial Process

When a user signs up for SBI! for WP, they get access to a fully revised Action Guide (aka the AG), especially tailored for WordPress users – from choosing hosting to how to select the best plugins . The AG was structured as an online course for ease of use, with completion progress and even a points system.

Once the user is familiar with the steps he needs to take, he can go to the Brainstorm It! tool (on SiteSell’s servers) to set up his niche and Master Keyword List  (the MKL) – a list of up to 5000 keywords related to the business, along with the numbers for interest, competition, and potential.

Review of the SBI! for WP Technical Background

The next step is to download and install the SBI! for WP plugin on their own site (my pride and joy). It’s hard not to get too technical, but this is a technical site so bear with me. I used the MVC Starter Plugin for WordPress (by yours truly), so the code is clean and concise, neatly separated into Models, Views, and Controllers. Communication with SiteSell’s servers is done via back-end API calls, and only when absolutely necessary.

For performance purposes, and as this is purely an Admin tool, it doesn’t even get instantiated on the front end. Once the user installs it, they receive a Welcome admin pointer with the option to take a tour of the settings. When the user connects to SiteSell’s servers, their MKL is downloaded to their site so that they have quick access to the keywords while writing posts or pages (or whatever other Custom Post Type they choose to use the keywords on).

If they want to use a keyword that is not in their MKL, they have the option to add it from the WordPress admin, and both systems are kept in sync. For larger systems that have multiple roles creating/editing content, the admin can choose which roles will have access to the keywords.

When using the keywords in the Edit Post/Page screen, the user also has access to Competitive Insights – a list of sites that use the selected keyword, offering opportunity to reach out and make partnerships. We also keep track of all posts and pages using that keyword within the user’s site.

All in all, SBI! for WP is an awesome service/plugin and I’m tremendously proud to be a part of it!

How to Identify Good WordPress Plugins in 4 Easy Steps

How to Identify Good WordPress Plugins in 4 Easy Steps

Over the past few months I’ve been working with Mike Allton and Susanna Perkins on a project that will try to give info-preneurs using WordPress an edge on creating content for their audience. On one of the less busy days, I wrote the post below detailing how I choose plugins for my clients.


How to Identify Good WordPress Plugins in 4 Easy Steps


So you’ve finally decided what the focus of your website should be and are ready to set up your WordPress install. You now need to select your theme and a series of plugins to build upon the core functionality you get from WordPress out of the box. With thousands of options to choose from, getting a plugin or theme that will not blow up and bring your site down is a challenge.

There are a few steps you can follow to ensure you have good quality WordPress Plugins for your site. Even if you aren’t a developer and can’t understand a single line of code, using these guidelines as a rule of thumb will give you some level of security.

These are the steps I take when helping my clients decide whether to adopt a plugin or not.

1. Check What Others Have To Say

With close to 40,000 plugins at the time of this writing, offers the ability for users to rate plugins. In the early days, it was possible to select the number of stars for a plugin without commenting on it. To make things fair for authors, people now have to state why they are casting their votes and the authors have the chance to defend themselves, if needed. Plugins with too many low-star ratings should raise a red flag, as long as the comments actually make sense. Be careful of detractors that are only out to troll authors without actually trying to provide constructive criticism.

2. Authors Should Provide (Fast) Support also offers support forums where users can ask authors for help. Some authors choose to provide support on their own sites. Personally, I think this is valid for paid plugins, but free plugins support should be kept where the free plugins are downloaded. Look for how many resolved topics there are in the recent past, and the time it takes for authors to reply. Authors get notified of new topics immediately, and should have a good reason to not reply within a reasonable time frame.

3. Plugins/Themes Should Be Updated Frequently

Let me take a poetic license here… Code is a Living Entity. There’s seldom such a thing as writing a plugin and never touching it again. It is virtually impossible for any piece of code to not need updates from time to time. With the wide variety of environments out there, there’s bound to be a scenario where a bug patch is needed. Also, is always releasing new updates to the core, and plugins and themes need to keep up. The plugin page will tell you when it was last updated, and up to which version of WordPress it has been tested with.

4. Check For Coding Best Practices

Granted, this part is a bit harder to do if you are not a developer. There are, however, a few things you can look for to identify a well written piece of software. You can find the source code in the “Developers” section of the plugin page in

Code is like a house – Keep it clean or it’ll become full of bugs. Proper spacing and indentation helps developers to easily understand what each part of the code does, as well as the intention of the previous developer when writing that piece. Another thing that helps understand code is commenting. If you look at the core WordPress files, you’ll see that they went to great lengths to properly document what each piece should do. No author remembers EVERYTHING they had in mind when writing code. If they say they do, run away – they’re either lying or they’re dangerously smart and might try to take over the world.

Object Oriented code is a Good Thing– Gone are the days when people could write code without structure. If you see words like class, static, public, private, protected, or extends, it is quite likely that the developer knew what s/he was doing. For the simpler plugins, this might be overkill as it usually comes hand-in-hand with more files and folders and it might be like killing a fly with a shotgun, but the danger of PHP is that it is so easy to use that it becomes easy to write BAD code.

Closing PHP tags are tricky – PHP comes with open and close tags, <?php and ?> respectively. Any white space after a close tag will be rendered by the web server, many times prematurely. If you see errors such as ‘headers already sent’, the culprit is likely to be white space after a closing PHP tag. Using closing tags at the end of a PHP file is not only unnecessary, but frowned upon. It’s better to see a comment indicating the end of file, than an actual closing tag.

Code should be tested – There are several techniques to test software. WordPress comes with a suite of test files that run via phpunit, a robust PHP testing tool. Plugins and themes should be tested, too. Look for a directory called ‘test’, or simply ‘t’ containing at least one PHP file.


Even if you follow all of these steps to the letter, you might still come across a bug. However, it is much less likely to happen and, if it does, you should be able to get fast support from the author. After all, you did follow step 2, right?

Important Changes to USC Plugin Sales and Support

When I started selling WordPress plugins at UseStrict Consulting, I planned to provide life-time updates and free support for all. As it turns out, there are a few fundamental flaws with this business model:

  1. There’s no control over unauthorized copies;
  2. Providing free support takes time away from coding new and exciting things;
  3. There is no business growth;

Over the following weeks, I will be implementing a plugin licensing system, and support will be provided to subscribers only. I believe this will be a win-win situation, as I will be able to provide (even) faster support and better plugins.

I’m still studying how to handle old clients, and will post updates as soon as I have more information.


MVC Starter Plugin for WordPress: Parent Class Overview

Inheritance with MVC Starter Plugin for WordPress

Except for Models, all classes in MVC Starter Plugin for WordPress are extensions of the Parent Class, defined in plugin-name.php. This makes it possible to call methods like load_lib() from anywhere in the child classes. This is important also because MVCSP works with singletons whenever possible.

Yes, I’m aware of the war regarding singletons, but when you look at debug logs and see that WordPress reloads your plugin at least twice in some cases, you really want to make sure that you’re not doing things more often than you should. If you still want to avoid singletons in load_lib(), you can. Refer to the section on that method to know more.

Support for PHP < 5.3

MVC Starter Plugin for WordPress comes with a bootstrap() method that instantiates/serves singletons. It relies on the native function get_called_class(), which was made available in PHP version 5.3. For those few who still run on PHP 5.2 and under, I strongly recommend that you have your hosting company upgrade or switch hosting companies to a more serious one. If that’s not a possibility, you can still use this Starter Plugin because it implements its own get_called_class() if the native one doesn’t exist. Like all methods, it is slower than native calls, so it really is better if you upgrade to a modern PHP version.

Best practices

In order to keep my code easily maintainable, I tend to follow these guidelines:

  • Place add_action and add_filter calls in the __construct() of Controllers
  • Make sure to check that admin-related logic is indeed running under the admin with checks to parent::is_admin().
  • Do the same for front-end logic, checking that parent::is_admin() is false.
  • Avoid having calls to non-controller methods inside the Parent Class constructor, with the odd exception of an abstract class that needs to be loaded beforehand.
  • NEVER have a closing PHP tag at the end of any file. Nobody likes to deal with “headers already sent” errors caused by extra space or newlines that shouldn’t be there. Instead, use a comment to indicate that the file has finished.
/* End of file file-name.php */
/* Location: plugin-dir/file-name.php */

Let me know if there are any other best practices you’d like me to add here.

MVC Starter Plugin for WordPress: Set Up

Template Variables

After you download the MVC Starter Plugin for WordPress, you’ll need to replace a few template variables across all existing files with values of your choosing. They are:

PLUGIN_NAME, PLUGIN_DESC, PluginClass, and <plugin-dir>

  • PLUGIN_NAME: The actual name of your plugin. This will appear in the Installed Plugins screen and in the Admin -> Settings submenu.
  • PLUGIN_DESC: The description of the plugin. This will appear in the Installed Plugins screen.
  • PluginClass: The overall class of your plugin. MVCSP is Object Oriented and all Controllers, DAOs, and Views should extend the parent class.
  • <plugin-dir>: MVCSP borrowed the end-of-file style from CodeIgniter, in the sense that it does not close PHP tags but instead has a comment to indicate that the file is not truncated. The <plugin-dir> tag is only used as part of that comment.

The Set-Up Helper Script

There are several methods to replace the template variables with your desired values. I personally like to use grep or find piped into a Perl one-liner. To make things easier, I included a script which takes a few parameters and runs some shell commands in the background. This only works for people using Mac or Linux machines, or probably Windows with Cygwin (not having used Windows in years, I haven’t had a chance to test it). Run it without any parameters and this is what you get:

Usage: perl ./ --long-name="The Plugin Name" --desc="Full Plugin Description" --class-name="DesiredPHPClassName"

All 3 parameters are required. Use a valid class name or your plugin will throw an error during activation.

The parameters are self-explanatory.

Note: Once you’ve run the script, the file plugin-name.php will be renamed to whatever name of the domain is. So suppose you extract the Starter Plugin zip file contents in to a directory called my-plugin, the file plugin-name.php will be renamed to my-plugin.php. WordPress will then have my-plugin/my-plugin.php as the plugin signature.

That’s all there is to setting up the Starter Plugin. You can now activate it in your Admin -> Installed Plugins.

If you want to set up your plugin to run tests, refer the Running Tests section.

MVC Starter Plugin for WordPress

A Little Background

This is the seventh anniversary of UseStrict Consulting. It was born out of my passion for Perl, long before I ever thought of writing plugins for WordPress.

A lot has changed since then – I fell in love with building WordPress plugins in 2011. Like with Perl back in 1998, it started as an itch that needed scratching. My first plugin wasn’t a simple task. I wanted to get live shipping rates from Canada Post to use on my wife’s online pharmacy running eShop. The end result was messy, but it worked… and still does!

Fast forward 4 years. Enter the MVC Starter Plugin for WordPress.

MVC Starter Plugin for WordPress

The MVC Starter Plugin for WordPress is the result of best practices adopted from CodeIgniter, Catalyst, and of course, the WordPress Codex. It is a robust Object Oriented Model/View/Controller framework for WordPress plugins. I haven’t released it to Github yet, as it’d be nice to get some peer feedback before I do that.

The framework comes with a few handy methods and classes, as well as test files which can serve as templates for your own tests. They are designed to work with the WordPress Unit Test Suite and phpunit. I’ll be adding the documentation below as time permits, but feel free to download MVC Starter Plugin and play around with it!


  1. Download
  2. Set Up
  3. The Parent Class
    1. Overview
    2. Method: bootstrap()
    3. Method: __construct()
    4. Method: is_admin()
    5. Method: load_lib()
    6. Method: load_all()
    7. Method: render_template()
    8. Method: set_env()
    9. Method: get_env()
    10. Method: log_msg()
  4. Admin Notices Controller
    1. The Notice Pool
    2. Method: set_notice()
  5. The Settings API
    1. Setting Controller Class
    2. Settings DAO and Model Classes
    3. The Settings View
  6. Ajax
    1. The Ajax Controller
    2. The Ajax Request Model

bbPress Notify (No Spam) – Opt Out Add-on

bbPress Notify (No spam) was originally built to let admins know when there is a new message in the forums. Over time, it was modified to notify other roles chosen by the Admin. This add-on allows users to opt-out of notifications.

Version 1.0 has arrived!

Version 1.0 is now available at a special price – only $14.99. This is what you get for that price:

  1. 2 available email template tags for unsubscribe URLs:
    1. [opt-out-url-wp] – gets converted into the wp-admin/profile.php URL
    2. [opt-out-url-bbpress] – gets converted into the bbPress profile URL for that user
  2. Your subscribers can opt-out in either profile screen (WP or bbPress). You choose the one that fits you best (for those who have plugins that disable /wp-admin/profile.php for certain users)
  3. bbPress Subscriptions screen will tell your subscriber whether he has opted out.
  4. From your subscriber’s point of view, nothing happens if he is not part of one of the roles selected to receive notifications.
  5. This price is for version 1.0 only. Once I add more functionality, the price goes up for new buyers.

Please sign up below to receive updates regarding the development process.


eShop PayPal Pro Merchant Gateway

eShop PayPal Pro Merchant Gateway allows you to collect Credit Card payments without the need for your client to leave your site.


  1. Download and upload it to to your blog’s wp-content/plugins directory;
  2. Activate the plugin in your Plugin Admin interface;
  3. Go to the Settings -> eShop -> Merchant Gateways and enter your sandbox and live PayPal credentials.


eShop for WordPress comes with basic PayPal support out of the box. This means that your client gets sent to PayPal to make their payments and has the option of not returning. With eShop PayPal Pro Merchant Gateway plugin, you can collect the payment directly from the checkout page, no redirections to outside servers whatsoever.

For PCI compliance, no Credit Card data gets stored. It is up to you, however, to set up SSL on the checkout page.


Once you activate this plugin, a new section is shown under Settings -> eShop -> Merchant Gateways.

eShop PayPal Pro Settings

Tick the ‘Accept payment by PayPal Pro’ box and enter your Sandbox and Live PayPal credentials (API Username, API Password, and Signature). If you don’t use PayPal Payments Pro yet, click here to learn more about it.

Tick the credit cards that you want to use – note that PayPal does not allow American Express and Discover in certain regions. Make sure to test those cards before going live. Test credit card numbers can be found here.

Click ‘Save Changes’ and you’re good to go.


When your clients reach the checkout page, they will see the Credit Card option as one of the payment methods. If it is the only active option, the CC fields will be visible. The type of credit card is identified automatically when the clients type in the number. If there are more Payment options, the fields will only be displayed if the clients click on the CC radio button.

Credit Card Option with Hidden Fields

Credit Card Option with Hidden Fields

Credit Card Fields Displayed

Credit Card Fields Displayed

Fields Shown Automatically

Fields shown automatically when it is the only option available

Confirmation Page

The confirmation page will show only the last four digits of the credit card number and card type.

Confirmation Page Data

Confirmation Page Data