Update WordPress posts after site Move

Updating MySQL wp_posts to new URL or folder

When moving your WordPress site to a new folder or domain name, there is a little more you need to do than change the permalink structure and adding 301 into your .htaccess.

After performing the above steps you will need to make some database search and replace changes to get your data references 100% correct.

Change all references using old site URL:

UPDATE wp_posts SET guid = replace(guid, 'https://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');
UPDATE wp_posts SET guid = replace(guid, 'http://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');
UPDATE wp_posts SET post_content = replace(post_content, 'http://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');

If you installed SSL, an additional search / replace is required:

UPDATE wp_posts SET post_content = replace(post_content, 'https://www.oldsite.co.uk/oldfolder','https://www.newsite.co.uk/newfolder');

Change all references using old folder name:

UPDATE wp_posts SET post_content = replace(post_content, '/oldfolder/','/newfolder/');

How to: Replace WordPress .htaccess

Replace a corrupt or lost WordPress .htaccess

wordpress_logoWordPress uses .htaccess for security and for URL re-writing and so it is a key contributor to the functionality of your site. Sometimes you will find your site looking very badly formatted, as if the CSS files are not being found.

The problem is usually caused by a corrupt or lost .htaccess file. This can be caused by a misbehaving/bad plugin feature or update.

Never fear, you can replace the default WordPress .htaccess file and get your site looking great again.

There are two default formats for WordPress .htaccess depending on the version you are running. Basically, if the first doesn’t work, simply try the second.

The “Basic WordPress” .htaccess

If your WordPress was installed in document root:

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

The “MultiSite WordPress” .htaccess

If your WordPress was installed in a sub-folder:

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

WordPress Rescue Service

wordpress-logo-updateGetting hacked is no fun at all. Not only is your site putting your visitors at risk but your site functionality may also be affected which could be costing you money. Your posts and history may have taken years to build so deleting and starting again may not be a practical option.

Our WordPress Rescue Service aims to recover your WordPress site to good standing.

Our experts will thoroughly clean your site, upgrade all components, remove backdoors and most importantly preserve your data.

  • Perform a full backup of your site and database.
  • Remove all injected and compromised files
  • Remove all compromised plugins, backdoors and security loopholes
  • Preservation of your posts and data
  • Conflict and compatibility check of your WordPress plugins and themes.
  • Manual removal of all obsolete and vulnerable WordPress core files.
  • Update of the latest WordPress core files.
  • Database upgrade to the latest stable WordPress version.
  • Manual update of your outdated WordPress plugins
  • Removal of inactive, obsolete, and vulnerable WordPress plugins.
  • Manual upgrade of both WordPress default themes.
  • Removal of inactive WordPress themes.

Our experts can usually have your site back to full functionality within 48 hours. If your site has been hacked, compromised or defaced, the WordPress Rescue Service is just what you are looking for.


WordPress 4.2.2 fixes a cross-site scripting vulnerability – Update Now

wordpress_logoWordPress Version 4.2.2

On May 6, 2015, WordPress 4.2.2 was released to the public. This is both a security update for all previous WordPress versions, and a maintenance release for versions 4.2 and newer.

From the announcement post, WordPress 4.2.2 fixes a cross-site scripting vulnerability contained in an HTML file shipped with recent Genericons packages included in the Twenty Fifteen theme as well as a number of popular plugins by removing the file. Auto-updates and manual updates will remove this file, however manual installations and those using VCS checkout (like SVN) will not remove this file. Version 4.2.2 also improves on a fix for a critical cross-site scripting vulnerability introduced in 4.2.1.

The release also includes hardening for a potential cross-site scripting vulnerability when using the Visual editor.

In addition to the security fixes, WordPress 4.2.2 contains fixes for 13 bugs from 4.2.1, including:

  • Fixes an emoji loading error in IE9 and IE10
  • Fixes a keyboard shortcut for saving from the Visual editor on Mac
  • Fixes oEmbed for YouTube URLs to always expect https
  • Fixes how WordPress checks for encoding when sending strings to MySQL
  • Fixes a bug with allowing queries to reference tables in the dbname.tablename format
  • Lowers memory usage for a regex checking for UTF-8 encoding
  • Fixes an issue with trying to change the wrong index in the wp_signups table on utf8mb4 conversion
  • Improves performance of loop detection in _get_term_children()
  • Fixes a bug where attachment URLs were incorrectly being forced to use https in some contexts
  • Fixes a bug where creating a temporary file could end up in an endless loop.

WordPress Version 4.1.2 – Urgent Upgrade

wordpress-logo-updateOn April 21, 2015, WordPress 4.1.2 was released to the public. This is a security update for all previous WordPress versions.

This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.

Also fixed are three other security issues:

  • In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded.
  • In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Some plugins were vulnerable to an SQL injection vulnerability.

A number of plugins also released security fixes yesterday. Keep everything updated to stay secure. If you’re a plugin author, please read this post to confirm that your plugin is not affected by the same issue.

If you are unable/uncomfortable upgrading your WordPress site then let our experts do all the work for you. Order a WordPress Maintenance service today.