Start learning with our library of video tutorials taught by experts. Get started

WordPress 3: Developing Secure Sites

Restoring your site


From:

WordPress 3: Developing Secure Sites

with Jeff Starr

Video: Restoring your site

In this screencast, we're going to restore a WordPress site that, for whatever reason, has crashed and lost a bunch of data. The only solution is performing a full site restoration, which includes both the database and the physical files. The restoration process takes some time, but conceptually is very straightforward. Here are the basic steps. First, obtain the most current version of your backup files. Second, set up a temporary maintenance page telling visitors that you'll be back soon.

Watch this entire course now—plus get access to every course in the library. Each course includes high-quality videos taught by expert instructors.

Become a member
Please wait...
WordPress 3: Developing Secure Sites
2h 36m Intermediate Jun 27, 2011

Viewers: in countries Watching now:

This course explains how to secure self-hosted WordPress sites, including site configuration, code modification, and the use of free plug-ins. Beginning with the basics of site security, author Jeff Starr explains how to harden a WordPress site by configuring authentication keys, setting proper file permissions, and removing version numbers. The course shows how to implement a firewall, prevent automated spam, and control proxy access, and concludes with a series of advanced tips and site security best practices.

Topics include:
  • Backing up and restoring your site
  • Setting up strong passwords
  • Choosing trusted plugins and themes
  • Protecting the configuration file and the admin directory
  • Securing the login page
  • Fighting comment spam
  • Blocking access and detecting hacks
  • Finding and reporting vulnerabilities
Subjects:
Developer Web CMS Web Development
Software:
WordPress
Author:
Jeff Starr

Restoring your site

In this screencast, we're going to restore a WordPress site that, for whatever reason, has crashed and lost a bunch of data. The only solution is performing a full site restoration, which includes both the database and the physical files. The restoration process takes some time, but conceptually is very straightforward. Here are the basic steps. First, obtain the most current version of your backup files. Second, set up a temporary maintenance page telling visitors that you'll be back soon.

Third, upload the new files. Fourth, restore the database and lastly, remove the temporary maintenance page. To do this, we will need an FTP connection for the file upload and an app to work with the database. A very popular, well-documented, and open-source app is phpMyAdmin. If it's not, ask your host for help finding an alternative. In any case here is what our WordPress database looks like using phpMyAdmin. All of our tables are listed here in the left, and we have options to do just about anything we need to do with the database.

So with this open and ready to go, let's return to our FTP editor and set up the temporary maintenance page. First, grab a copy of the maintenance.html file that's included with the exercise files and upload to your server. If you don't have the exercise files, copy this code the best you can, and that should work just fine. You want to save the file and upload to the server, like so. Next, place a copy of the blank htaccess file--also included in the exercise files-- place it in the root directory of your site, open it, and then paste in the htaccess code that's also included with the exercise files.

Save the file and upload it to the server. We do need to make sure that the IP address matches your own. Return to the browser and type in 'what is my IP?' in Google. That will take you to a page such as this where it lists your IP address right upfront. Grab a copy, return to the editor, and replace the IP address with your own, and save the file and upload it to the server.

This will ensure that you have access to your site while everyone else is redirected to the maintenance page. To see this in action, let's go to a proxy server, such as the one at proxy.org, and we'll try visiting our site using a different IP address other than our own. We enter the URL, click on the Go button, and we see our maintenance file in effect. The redirect is working and everyone except for us will see this message. This means that we can work on the server in a relaxed fashion, without worry that visits might be interrupted.

So with the maintenance page in place, we're now ready to begin the site restoration process. Because file uploading takes the most time, we'll get that started first. Return to the FTP file editor and we are connected to the server. As you can see, besides the maintenance.html file and htaccess files, all files have been removed, leaving us a clean slate to work with. Note that if you have large collections of non-WordPress files on the server, such as image files or video uploads, you'll save time by not deleting them; however, part of the restoration process is to start completely fresh and eliminate any hacked files. So it's your call.

If you do decide to leave the files on the server, just make sure to check them thoroughly for anything unexpected or unusual. That said, let's begin the restoration process by uploading our backup files to the server. We select all of our files and click the Upload button to go. It is totally okay to replace the existing htaccess and maintenance.html files. Let's click Replace, and while that's happening, let's go back to phpMyAdmin to restore the database.

Here in the phpMyAdmin app, we are looking at the WordPress database, and the first thing we want to do is delete all traces of the previous database by clicking Check All and then selecting Drop from the dropdown menu. It will ask you if you really want to do this. It's a big move, and you do. We have a backup of the database, so we want to delete everything in this database. Here we see that the tables have been dropped. Everything is ready to go for a fresh import of your backup database.

So to do this, click on the Import tab at the top of the page. Then browse to the location of your most current backup and leave everything else set at the default settings. Finally, select Go to upload the database. It can take some time for large files, but a default WordPress database should go pretty quick. And as seen here, our database is now restored to the most recent backup. Let's return to the FTP/file editor and check on those files. And we're all set.

At this point, all files have been uploaded to the server, as you can see here, and the database has been completely restored as well. So let's return now to the site and see if it works. Refreshing the page. Yes, it's working great. From here, it's just a matter of going through and making sure that everything is working. Check as much as you need to be convinced that the site has been fully restored. Maybe you want to log in to the admin area and take a look around, check posts and pages, and so on.

Once everything is running smooth, let's go ahead and delete the maintenance.html file and remove the htaccess code that we added to redirect site visitors. We now want them to enjoy full access to our restored site, so we can just delete this and upload the file, and for the maintenance page we need to go to the server and just delete that from the server like so. And with that, normal traffic should be flowing once again through our site.

We can hit Refresh and then visit the proxy site again one more time to see what happens when someone from a different IP address tries to request the site. There it is, and I have the WordPress directory right here, and it looks like it's just fine. In the screencast, we've completely restored our WordPress site, using our most current set of backup files. We covered an excellent method of keeping good backups in the previous screencast, so be sure to check that out too.

There are currently no FAQs about WordPress 3: Developing Secure Sites.

Share a link to this course
Please wait... Please wait...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.
Upgrade now


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ.

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Upgrade now

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed WordPress 3: Developing Secure Sites.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferencesfrom the dropdown menu.

Continue to classic layout Stay on new layout
Welcome to the redesigned course page.

We’ve moved some things around, and now you can



Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked