WordPress Upgrade Service

Having problems updating your WordPress site?
Worried your site might break after upgrading?
Want to outsource the task to WordPress experts?

An outdated version of WordPress or any of its associated plugins leaves your site and server at increased risk of malicious hackers and spammers.

Updating WordPress can be scary. If you need an upgrade or your site is very old, you want it done properly and without risk then our WordPress Experts are the solution you are looking for.

Why you need to upgrade your WordPress blog?

  • An outdated version of WordPress leaves your blog at greater risk of hacker attacks.
  • It is vital that your WordPress has all of the latest security updates applied
  • Major releases of WordPress contain the latest improvements and features
  • Outdated, obsolete and inactive WordPress plugins and themes pose security risks.

Upgrade WordPress Service

What’s included…

  • We perform a full backup of your site files and WordPress database
  • We remove all obsolete and vulnerable WordPress core files
  • We update your WordPress to the latest core files (currently 4.6.x)
  • We manually update all of your outdated WordPress plugins
  • Remove inactive, obsolete, and vulnerable WordPress plugins.
  • Manual upgrade of WordPress default themes
  • Removal of inactive WordPress themes.
  • We remove all compromised files and malicious code
  • We fully test your updated site, plugins, and theme to ensure full functionality
  • We will maintain and update your site on demand for 12 months

Price £69 £49 Today!


Protect against WordPress Pingback Vulnerability

How to Neutralise a Pingback DDOS Attack

sshThe WordPress Pingback Vulnerability is used to maliciously attack your WordPress site via the Pingback service.

If the attack is heavy enough then not only will your site be seriously slowed if not inaccessible) but your server will also be overloaded with requests thus risking your shared hosting account altogether.

This type of attack is usually instigated via a botnet of many hundreds (if not thousands) of different IP addresses so a simply blocking the IP address of the attacker is not practical.

If you are under attack right now then there are actions you can take to minimise (if not nullify) the effect of attack.

Disable the WordPress XMLRPC Service

We can do this by adding a “deny” to “xmlrpc.php” in your .htaccess file. This will disable the your WordPress site from participating with the pingback requests.

Add the following to the top of your .htaccess file:

<files xmlrpc.php>
order deny, allow
deny from all

The attack will now have less effect on your server load.

Once the attack is over, you may remove deny code if you need XMLRPC services active on your WordPress site. There’s a 95% chance you can leave it there with no noticeable effect at all.

Blocking the DDOS Attack using CSF

If you use CSF, you may still want to block the IP addresses of the attacking botnet. It’s quite easy to do.

Here is a bash one-liner that will do the job for you in real-time:

tail -f /var/www/vhosts/yourdomain.com/logs/access_log | grep "\"WordPress/" | grep -v "POST " | awk '{print $1}' | while read IP; do /usr/sbin/csf -td $IP 7d BlockPingback; done

There is some satisfaction in having the IPs permanently blocked. You can add the resulting IP block to your deny files on all servers and accounts.

It does make sense as all the attacking WordPress sites are clearly compromised and will no longer be a problem (for you at least) if permanently blocked from your server.

Update WordPress posts after site Move

Updating MySQL wp_posts to new URL or folder

When moving your WordPress site to a new folder or domain name, there is a little more you need to do than change the permalink structure and adding 301 into your .htaccess.

After performing the above steps you will need to make some database search and replace changes to get your data references 100% correct.

Change all references using old site URL:

UPDATE wp_posts SET guid = replace(guid, 'https://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');
UPDATE wp_posts SET guid = replace(guid, 'http://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');
UPDATE wp_posts SET post_content = replace(post_content, 'http://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');

If you installed SSL, an additional search / replace is required:

UPDATE wp_posts SET post_content = replace(post_content, 'https://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');

Change all references using old folder name:

UPDATE wp_posts SET post_content = replace(post_content, '/oldfolder/','/newfolder/');

How to: Replace WordPress .htaccess

Replace a corrupt or lost WordPress .htaccess

wordpress_logoWordPress uses .htaccess for security and for URL re-writing and so it is a key contributor to the functionality of your site. Sometimes you will find your site looking very badly formatted, as if the CSS files are not being found.

The problem is usually caused by a corrupt or lost .htaccess file. This can be caused by a misbehaving/bad plugin feature or update.

Never fear, you can replace the default WordPress .htaccess file and get your site looking great again.

There are two default formats for WordPress .htaccess depending on the version you are running. Basically, if the first doesn’t work, simply try the second.

The “Basic WordPress” .htaccess

If your WordPress was installed in document root:

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

The “MultiSite WordPress” .htaccess

If your WordPress was installed in a sub-folder:

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

WordPress Rescue Service

wordpress-logo-updateGetting hacked is no fun at all. Not only is your site putting your visitors at risk but your site functionality may also be affected which could be costing you money. Your posts and history may have taken years to build so deleting and starting again may not be a practical option.

Our WordPress Rescue Service aims to recover your WordPress site to good standing.

Our experts will thoroughly clean your site, upgrade all components, remove backdoors and most importantly preserve your data.

  • Perform a full backup of your site and database.
  • Remove all injected and compromised files
  • Remove all compromised plugins, backdoors and security loopholes
  • Preservation of your posts and data
  • Conflict and compatibility check of your WordPress plugins and themes.
  • Manual removal of all obsolete and vulnerable WordPress core files.
  • Update of the latest WordPress core files.
  • Database upgrade to the latest stable WordPress version.
  • Manual update of your outdated WordPress plugins
  • Removal of inactive, obsolete, and vulnerable WordPress plugins.
  • Manual upgrade of both WordPress default themes.
  • Removal of inactive WordPress themes.

Our experts can usually have your site back to full functionality within 48 hours. If your site has been hacked, compromised or defaced, the WordPress Rescue Service is just what you are looking for.