How to migrate wordpress website files and database to a new Host

Moving websites between hosts is a big challenge for all site owners. With a WordPress site, we have to move all our plugins, themes, and the database. Once they are relocated, they may not even work with our new host because critical server systems may have different paths. I’ve been through many host-to-host moves with the sites I manage, and I’ve figured out a few ways to make migration easy and safe. Here, I’ll pass along some of that knowledge to all.


1. Find a Host That Suits Your Needs with Hands-on Migration Support

We simply can’t expect to start up with one hosting provider, run a website for years, and never have to move to a new host. Web hosting companies compete vigorously with one another, and feature sets and pricing schemes are in a constant state of flux. In some cases, these changes can inspire users to jump ship. In other instances, our website may simply outgrow its current hosting environment. The more popular a website becomes, the more server resources it requires, and not every hosting provider can offer all the resources our site might need. We may also find that more features from a hosting provider than current host offers. We want more mailboxes without paying extra? How about a free SSL certificate or stronger DDoS protection? Or maybe a host has just gone to the dogs.

Whatever the reason for wanting to make a move, one huge way we can make that easier is to find a new hosting provider that offers free migration and after-move support.


2. Save Your Site’s Files, Transfer Databases, and Setup Applications

If hosting provider doesn’t offer a free migration, to accomplish the migration yourself without much difficulty.

To move WordPress-powered website we will need to do the following:

·         Transfer the WordPress engine files. This is optional if host has a WordPress installer

·         Transfer site files (i.e. uploads, themes, and plugins)

·         Migrate the database containing blog posts, pages, comments, and WordPress settings

·         Update the WordPress configuration


The easiest way to accomplish the migration, short of having our hosting provider do it for us, is to use a plugin like All-in-One WP Migration. We install it on our existing site. It then exports all files and even database to a portable package.

Install a clean, new version of WordPress on new server and add the All-in-One WP Migration plugin to that installation. Then, within the plugin’s configuration page, choose Import Site. Then drag the site package previously exported right into the plugin, whereupon it will restore old site right over the new installation.

Both the WordPress engine and all the other files that make up our website can be transferred via FTP from old server and then to our new server. We will need an FTP application like my favorite, the cross-platform and free FileZilla. Both hosting providers will provide instructions for accessing site via FTP, including how to configure an FTP program like FileZilla. If we can’t find that information in host’s tech support documentation or in welcome letters, simply open an online chat or call to provider. Usually, technicians will gladly walk through setting up our FTP program. You can also hire a wordpress expert from here.

Once it’s set up, just download our entire site from old host, everything in the directory or folder contains the wp-admin folder including all the files and subfolders to computer. It may take a while.

When the download is finished, disconnect from old server, connect to new server, and upload all those files. This, too, may take some time.

Migrating our database, all the actual content of blog or website is trickier and can’t be done through FTP. Fortunately, it’s nowhere near as tricky as it used to be. Follow the instruction from the official WordPress Codex to export database from MySQL and download it to computer. Then, follow the directions within that document to update the paths between the servers and update the WordPress configuration and variables for the new server’s environment.


3. Change Nameservers to Point to New Hosting Provider

When we go to sign up for a new hosting account we’ll usually receive a welcome letter email, and within that email is often the new nameservers we should use. If we didn’t receive that information, a quick phone call or online chat to our hosting provider’s tech support department will gladly give us the proper nameservers. They often look something like the below:

Go to domain name registrar and update domain’s nameservers. This process is different for every registrar — GoDaddy’s process is very different from that of Dotster’s and from the process at Google Domains and so on.

Typically, we log into our domain registrar’s account, click on the domain name in the list of owned domain names, and look for an option to mentioning “Name Servers,” “Nameservers,” or “Host Address.” Replace whatever nameservers are listed with the ones we obtained from new host. We will always have at least two nameservers to enter, but may be given third and fourth options, too. Save the changes, and then, within 12 to 72 hours, all requests for domain name will begin forwarding to new hosting provider. Until then, old host account may be served to some visitors, which is why it’s important to ensure both old and new servers run concurrently for three days.


Was this article helpful?

Top Related Jobs

Top Freelance jobs are waiting for you, View & apply to earn more.

People also searched for

Guide to Hiring a Great NodeJS Developers
Guide to Hiring a Great NodeJS Developers
Web Development

In today’s online world, businesses are earning profit from interactive websites and scalable applications. As an owner of such a business, you must pay attention to the trending t...

Natural Language Processing in Python
Natural Language Processing in Python
Web Development

NLP is a branch of data science that consists of systematic processes for analyzing, understanding, and deriving information from the text information in a smart and efficient mann...

Learn Web Scraping using Python
Web Development

The importance of extracting information from the web is becoming increasingly loud and clear. Every few weeks, I realize myself in a situation where we need to extract information...

You are freelancing Ninja?

Try Toogit Instant Connect today, The new virtual assistant for your freelancing world.

Users & Their Opinions About Wordpress

Freelancers You May Hire

Related Freelancers You May Like

Related Jobs

Related Services

Related 5 minutes reads from our blogs

Your website is a crucial part of your business. And if its in wordpress, you need to pay extra attention to your WordPress website security.
Here are some of the best WordPress website security practices that will improve your WordPress security and keep your site safe from hackers and malware.

Set up website lockdown and ban users

A lockdown feature for failed login attempts can solve a huge problem, i.e. no more continuous brute force attempts. Whenever there is a hacking attempt with repetitive wrong passwords, the site gets locked, and you get notified of this unauthorized activity.

There are some plugins in which you can specify a certain number of failed login attempts after which the plugin bans the attacker’s IP address.

Use 2-factor authentication

Introducing the 2-factor authentication (2FA) at the login page is another good security measure. In this case, the user provides login details for two different components. The website owner decides what those two are. It can be a regular password followed by a secret question, a secret code, a set of characters, etc.

Use email as login

By default, you have to input your username to log in. Using an email ID instead of a username is a more secure approach. The reasons are quite obvious. Usernames are easy to predict, while email IDs are not. Also, any WordPress user account is always created with a unique email address, making it a valid identifier for logging in.

The WP Email Login plugin works out of the box for this purpose. It starts working right after the activation and it requires no configuration at all.

To test it, just log out of your website and then log back in, but this time use the email address that you created the account with.

Rename your login URL

To change the login URL is an easy thing to do. By default, the WordPress login page can be accessed easily via wp-login.php or wp-admin added to the site’s main URL.

When hackers know the direct URL of your login page, they can try to brute force their way in. They try to log in with their GWDb (Guess Work Database, i.e. a database of guessed usernames and passwords; e.g. username: admin and password: p@ssword… with millions of such combinations).

So, at this point – if you’ve been following along – we have already restricted the user login attempts and swapped usernames for email IDs. Now we can replace the login URL and get rid of 99% of direct brute force attacks.

This little trick restricts an unauthorized entity from accessing the login page. Only someone with the exact URL can do it. Again, the iThemes Security plugin can help you change your login URLs. Like so:

  • Change wp-login.php to something unique; e.g. my_new_login
  • Change /wp-admin/ to something unique; e.g. my_new_admin
  • Change /wp-login.php?action=register to something unique; e.g. my_new_registeration

Adjust your passwords

Play around with the website’s passwords and change them regularly. Improve their strength by adding uppercase and lowercase letters, numbers, and special characters. This password generator is a useful resource.

Part (b): Secure your admin dashboard

For a hacker, the most engaging part of a website is the admin dashboard, which is indeed the most protected section of all. So, attacking the strongest part is the real challenge and, if accomplished, it gives the hacker a moral victory and the access to do a lot of damage.

Here’s what you can do:

Protect the wp-admin directory

The wp-admin directory is the heart of any WordPress website. Therefore, if this part of your site gets breached then the entire site can get damaged.

One possible way to prevent this is to password-protect the wp-admin directory. With such security measure, the website owner may access the dashboard by submitting two passwords. One protects the login page, and the other the WordPress admin area. If the website users are required to get access to some particular parts of the wp-admin, you may unblock those parts while locking the rest.

You can use the AskApache Password Protect plugin for securing the admin area. It automatically generates a .htpasswd file, encrypts the password and configures the correct security-enhanced file permissions.

Use SSL to encrypt data Implementing an SSL (Secure Socket Layer) certificate is one smart move to secure the admin panel. SSL ensures secure data transfer between user browsers and the server, making it difficult for hackers to breach the connection or spoof your info.
Getting an SSL certificate for your WordPress website is not an issue. You can purchase one from some dedicated companies or alternatively ask your hosting firm to hook you up with one (it’s often an option with their hosting packages).

The SSL certificate also affects your website’s rankings at Google. Google ranks sites with SSL higher than those without it. That means more traffic. Now who doesn’t want that?

Add user accounts with care
If you run a WordPress blog, or rather a multi-author blog, then you need to deal with multiple people accessing your admin panel. This could make your website more vulnerable to security threats.
You can use a plugin like Force Strong Passwords for your users if you want to make sure that whatever passwords they use are secure. This is just a precautionary measure.

Change the admin username
During WordPress installation, you should never choose “admin” as the username for your main administrator account. Such an easy-to-guess username is approachable for hackers. All they need to know is the password, and your entire site gets into the wrong hands.
I can’t tell you how many times I have scrolled through my website logs, and found login attempts with username “admin”.
The iThemes Security plugin can stop such attempts cleverly by immediately banning any IP address that attempts to log in with that username.

Monitor your files
If you want some extra added security, you can monitor the changes to the website’s files via plugins like Acunetix WP Security, Wordfence, or again, iThemes Security.

5 Tips to start freelancing during COVID 19 – For Beginners

How to Start FreelancingToday we'll read about 5 amazing freelancing tips, I believe you have a lot of questions about How to go out freelancing? What is freelancing? & how to get your first project especially if you're a beginner in computer science and information technology. So, here are my more

Highest paying jobs you can do from home

Freelancing is a field with unlimited opportunities for everyone. The fact which makes it even more interesting is anyone with a pc and the internet can become a freelancer. It is true that particular expertise is required to start freelancing but the best part is you are free to choose the skill more

Top 5 Programming Languages To Learn In 2019

 With more new programming languages being released day by day it is getting difficult for the programmers to keep track and learn every new programming language.One must understand that decision to learn new programming language should solely be based on following 3's.Your aspirationsYour more