How to move a WordPress website to another sever

move wordpress migrar wordpress

Move WordPress to your development environment Server or PC

Moving WordPress to a local, non public server, it’s similar to migrating your WordPress website to a different domain.

You don’t get to use the originally domain name, so you have to make sure that all database or file entries pointing to it are updated with the new domain information.

We are currently using this to update our development environment from time to time with new production server information as it’s recorded at the moment a backup is done.

What do we need to do?

  • We use FileZilla to download all the WordPress server files via FTP. We tried CyberDuck, but it would get stuck sometimes and it wouldn’t download after a considerable amount of time. In comparison, FileZilla is blindingly fast. Store those files in a folder which will include in its name the download date.
  • Most hosting companies provide you with phpMyAdmin so that you maintain your tables. Selecting the database name, and clicking Export on top, and then clicking the Go button, will provide you with a backup of your MySQL database.
  • We’re assuming that you already have a working WordPress development environment. Later on we will cover this topic in another post. We configured our local development environments to use almost the same domain name as the production server (instead of, its named www.mysite.loc). This can’t be done using the free versions of XAMP, MAMP or WAMP, since you’re only allowed to use localhost as the server name on them.
  • It’s recommended that you backup your local development environment folder using the backup date as part of the backup folder name, and on your development environment database file.
  • Replace the contents of your local development directory with the contents of the main server directory.
  • Delete the development environment database, then create a new database with the same database name as the production server database name at the development environment phpMyAdmin browser page.
  • Select the newly created database and select Import on top. Browse to your file and click Go. If you receive an error, check the post phpMyAdmin: You may have found a bug in SQL parser to see if it solves your situation.
  • Using phpMyAdmin, select the database and click SQL on top. Copy and paste the following lines, but change mysite to the name of your site (wp_ is used in this example as the blog prefix, but you can change it to whatever you chooses to use, if different) and click Go:

UPDATE wp_blogs SET domain = replace(domain, ‘’, ‘www.mysite.loc’);
UPDATE wp_options SET option_value = replace(option_value, ‘’, ‘www.mysite.loc’);
UPDATE wp_posts SET guid = REPLACE (guid, ‘’, ‘www.mysite.loc’);
UPDATE wp_posts SET post_content = REPLACE (post_content, ‘’, ‘www.mysite.loc’);
UPDATE wp_postmeta SET meta_value = REPLACE (meta_value, ‘’,’www.mysite.loc’);
UPDATE wp_site SET domain = replace(domain, ‘’, ‘www.mysite.loc’);
UPDATE wp_sitemeta SET meta_value = replace(meta_value, ‘’, ‘www.mysite.loc’);
UPDATE wp_usermeta SET meta_value = replace(meta_value, ‘’, ‘www.mysite.loc’);

  • Now open your wp-config.php file with your preferred text editor. It should be on the directory root where you installed WordPress. Find and change the following lines:

If you have installed the WP Super Cache plugin:

define( ‘WPCACHEHOME’, ‘<local server complete path to –> >/wp-content/plugins/wp-super-cache/’ );

Enter your local environment user name. Try to use the one you use on your production environment and add this user to your local environment using phpMyAdmin :

define(‘DB_USER’, ‘<your local user name>’);

The password you have in this file downloaded from the server is going to be md5 encoded. Assign the decoded password to the user above in your development server and add it here, unencoded (visible).

define(‘DB_PASSWORD’, ‘<your extremely secure password>’);

Here you replace the production server domain with the locally used, similar domain.

define(‘DOMAIN_CURRENT_SITE’, ‘www.mysite.loc’);

This is for the long run. On a development environment you need to set the file system method to download updates before installing them, since your domain is only valid locally. Add this line above the line that says “/* That’s all, stop editing! Happy blogging. */”.

define(‘FS_METHOD’, ‘direct’);

And last, add this line after the FS_METHOD line to tell WordPress that you are “relocating” your website.


After this, save the wp-config.php file and get into your website’s admin side at http://www.mysite.loc/wp-admin/. If you’re asked to log in, do it.

Once you’re in, delete from the wp-config.php file the RELOCATE define line, save the file and close it.

If you use the BWP-Minify plugin, get into Settings, BWP Minify and update the cache location to match your local server path.

We do this every time we have to start a modification to get fresh data from the production server. It can even be used to test a situation observed at the production server that doesn’t require for you to be at the public domain server in order to be tested.

Comments are welcomed, but are screened before approving them for publication.

phpMyAdmin: You may have found a bug in SQL parser

mysql php phpmyadminmysql php phpmyadmin

phpMyAdmin is helping you backup the MySQL database of your hosted website

We use phpMyAdmin to do periodical backups of the MySQL database used by our website. It’s better to be safe than sorry.

There’s a development environment, parallel to our production environment, created to test our modifications and to help us keep them synchronized with the production environment.

Suddenly, we couldn’t get the production server database backup into our development environment database.

We received the following MySQL error message at the phpMyAdmin interface:

There is a chance that you may have found a bug in the SQL parser. Please examine your query closely, and check that the quotes are correct and not mis-matched. Other possible failure causes may be that you are uploading a file with binary outside of a quoted text area. You can also try your query on the MySQL command line interface. The MySQL server error output below, if there is any, may also help you in diagnosing the problem. If you still have problems or if the parser fails where the command line interface succeeds, please reduce your SQL query input to the single query that causes problems, and submit a bug report with the data chunk in the CUT section below:
----BEGIN CUT----
----END CUT----
----BEGIN RAW----

ERROR: C1 C2 LEN: 1 2 11

MySQL: 5.6.11-ndb-7.3.2-cluster-gpl
PMA: 4.0.6
PHP VER,OS: 5.4.17 Darwin
LANG: en

----END RAW----

SQL query:

MySQL said: Documentation
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

The error is simple. There are some nongraphical characters at the end of the file, which are originating this problem when sent by phpMyAdmin to the receiving MySQL database.

How can we fix this?

The .sql file has to be an ASCII file. If the file you are trying to read is a zipped or gzipped file, you need to uncompress it first before using phpMyAdmin to send it to the MySQL database.

If the file can be read using a text editor (it’s ASCII), you’ll need to open it with a text editor which shows nongraphical characters, like VI using Terminal in a Mac, or Wordpad in Windows.

We use a Mac in our development environment, so we’re going to cover the rest of this post using VI and Finder.

Navigate to the file using Finder.

Open Terminal by going into the top right corner, clicking on Spotlight, writing Terminal and clicking enter.

On Terminal, write VI and to the right of VI drag and drop the file from the finder. You’re going to see its full path.

After clicking the enter key at Terminal, click the letter G (uppercase g) to get to the last file line.

You may find a char sequence like this:


Press the DELete key until all those chars are deleted.

Press :x (enter both chars, one by one) and press enter to save the changes.

Try to import the file to the MySQL database using phpMyAdmin and you’ll see that the error is gone.

We do welcome any comments or questions you may have.

Login loop with Theme My Login/ WordPress HTTPS SSL

Theme My Login WordPress HTTPS SSL

This fixed the famous Theme My Login / WordPress HTTPS (SSL) infinite login loop for us

You decided to add an SSL certificate to your website. This is required by Google and other entities in order to safely and securely transmit personal information from a customer into payment gateways.

We had 2 options:

  • Make the whole site use the certificate.
  • Only use the certificate on areas where customer input is needed.

We went for the second approach, but found out that WordPress thinks that you’re using the 1st approach.

The second approach is better because secure connections require more server resources to negotiate the information being sent or received. By following this approach, your don’t require to upgrade your server too much.

The situation is created because WordPress doesn’t have a direct way to know that you are using a hybrid HTTPS/HTTP configuration.

Part of the security requirements is that a user has to login using a secure connection. Theme My Login provides a website themed login page for this purpose and the WordPress HTTPS (SSL) plugin provides a way to handle a hybrid HTTPS/SSL website configuration.

WordPress uses is_ssl() to know if you are currently using a secured (port 443) connection.

Since you told WordPress HTTPS (SSL) that the login page has to be secured, you are in fact using a secure connection while login in.

Since WordPress’ is_ssl() check tells that you are using a secure connection, WordPress tries to create a secure cookie for the user login in.

The issue is that this cookie can only be used over SSL connections. This creates the loop because WordPress sees a secure cookie trying to be used over an insecure connection after you’ve logged in and you’re redirected to an insecure page in your website.

The solution is to use a WordPress insecure cookie (like the one created over HTTP, when is_ssl() is false), which can be used over both secure and insecure connections.

What do you need to do?

You need to tell WordPress that even though you are login in using a SSL connection, the cookie that’s going to be created needs to be insecure.

How can we accomplish this?

By hooking a filter to the secure_signon_cookie filter hook and changing the secure cookie filtered value to something that will tell WordPress that the cookie should be created as insecure (false):

function rsssl_secure_cookie( $secure_cookie, $credentials ) {
return FALSE;
add_filter( ‘secure_signon_cookie’, ‘rsssl_secure_cookie’, 10, 2 );

This eliminated the infinite loop for both users login into the store and for us login into the admin side while using both Theme My Login and WordPress HTTPS (SSL) plugins.

You’re welcomed to comment, but we do screen every comment before publishing them.

Theme My Login and Polylang issues fixes

Polylang / Theme My Login

Here are some Theme My Login / Polylang issues fixes

This website uses a translations plugin known as Polylang. It helps you manage WordPress pages/posts translations as separate entities. This is not that easy to maintain if you handle various languages, but it seems to us that it is the right way to do things.

It also uses Theme My Login to replace the WordPress standard user login, log out, registration and password recovery pages with themed ones based on your website look.

The issue here is that Polylang requires using separate translated pages or posts to provide them as the translated versions. Theme My Login only generates the default language ones, so you have to manually add another page for each translation and for each user operation.

These pages require to include the body short code that the standard generated Theme My Login pages have.

The following code needs to be added into a plugin file or your theme’s functions.php file. It doesn’t matter where you place this code inside the functions.php file.

Theme My Login doesn’t come with translation files when installed, so you have to download them. Check the Theme My Login installation instructions at for more information on how to obtain them.

We found that Theme My Login loads translations during the plugin loaded action, instead of the init action. Even though the translation is loaded on Theme My Login’s own domain, it uses the WordPress default domain, so you never get to translate page titles or content.

To fix this, you need to merge Theme My Login’s translations into the default translation domain:

function p4tml_my_login_domain() {
$mofile = WP_PLUGIN_DIR . ‘/theme-my-login/language/’ . ‘theme-my-login-‘ . get_locale() . ‘.mo’;
if ( file_exists( $mofile ) ) {
load_textdomain( ‘default’, $mofile );
add_action( ‘plugins_loaded’, ‘p4tml_my_login_domain’, 9 );

Now the Theme My Login translations can be picked up from the default domain, as it is currently designed.

Next, you need to use these translations. Since the translation domain loads too late, you need to add these 2 filters in order to translate the user link names and page’s titles:

function p4tml_user_links( $user_links ) {
foreach( $user_links as $key => $user_link ) {
$user_links[$key][‘title’] = __( $user_link[‘title’] );
return $user_links;
add_filter( ‘tml_user_links’, ‘p4tml_user_links’, 11 );

function p4tml_title( $title ) {
return __( $title );
add_filter( ‘tml_title’, ‘p4tml_title’, 11 );

So you now can use TML’s translations.

And last, Theme My Login adds an action post meta to all its pages. When you create a translated page for Polylang use, it doesn’t have the post meta needed to be recognized.

This snippet fixes this by automatically adding TML’s default language post meta to all the translated TML’s pages:

function p4tml_action_meta( $page_link, $post_id ) {
if ( ! $page = get_post( $post_id ) ) {
return $page_link;
if ( ‘page’ != $page->post_type ) {
return $page_link;
$original = pll_get_post( $page->ID, pll_default_language() );
if ( $original == $page->ID ) {
return $page_link;
$tml_action = get_post_meta( $original, ‘_tml_action’, TRUE );

if ( ! empty( $tml_action ) ) {
$check = get_post_meta( $page->ID, ‘_tml_action’, TRUE );
if ( $tml_action != $check ) {
update_post_meta( $page->ID, ‘_tml_action’, $tml_action );
return $page_link;
add_filter( ‘page_link’, ‘p4tml_action_meta’, 9, 2 );

With these modifications, you’ll get Theme My Login to be compatible with Polylang, as it is needed.

As always, comments are welcomed, but we screen them before publication.

How to check if a website uses SSL / HTTPS

SSL Certificate

Here’s a SSL WordPress/PHP experience for your benefit:

During the creation of a WordPress plugin that needs to know if the server where is hosted has a valid SSL certificate, we had to look for a way to check for the certificate presence in order to enable certain functionality and avoid errors that needed to be handled.

Searching provided us with this question being asked all over the place, but we never found a simple way to check for it anywhere.

The simplest way to check, is to try to open a secure socket connection with the server. If we don’t receive a response from the server within a reasonable time, the request will timeout and then, you’ll know that the server you are checking doesn’t have a certificate.

Since this check needs to be done many times, depending on the SSL dependent functionality distribution in the plugin, it’s better to store this response and access it every time is needed, instead of trying to create the secure connection and wait for it to time out with every check.

WordPress’ options table is a good place where this value can be stored:

function rsssl_has_cert( $update = FALSE ) {
$has_ssl = get_option( ‘rsssl_has_cert’, ‘Not_Set’ );
$has_ssl = $has_ssl != ‘Not_Set’ ? (bool) $has_ssl : (string) $has_ssl;
if ( ! is_bool( $has_ssl ) || $update === TRUE ) {
$context = stream_context_create ( array( "ssl" => array( "capture_peer_cert" => true ) ) );
$domain = "ssl://" . DOMAIN_CURRENT_SITE . ":443";
$socket = stream_socket_client( $domain, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
if ( $socket === FALSE ) {
update_option( ‘rsssl_has_cert’, ‘0’ );
$has_ssl = FALSE;
} else {
update_option( ‘rsssl_has_cert’, ‘1’ );
$has_ssl = TRUE;
return $has_ssl;

This code snippet starts by checking if the SSL check option is set.

If it’s not, it creates the stream context and uses the DOMAIN_CURRENT_SITE globally defined variable to get the local server url.

You can change this value to something different if you need to check the certificate presence in a different website.

stream_socket_client tries the connection.

If it succeeds, you’ll get the SSL certificate data back. If it fails, its value will be false. For both cases, you can create/update the option value according to either of both results.

Additionally, it includes an $update input parameter, which is defaulted to false. If while using this function you provide a true value, it will test again the certificate availability and will update the option table accordingly.

We really hope this information can help you. Comments are welcomed, but are screened before being published.

How to disable comments on WordPress Attachments

We all are familiar with spam comments.

spambot comment

Depending on how long we’ve had a particular e-mail address, and how many times we have entered it into websites that require it in order to provide us with information we’re looking for, or promising to send us a special prize or compensation, or to show us the next best thing, it may compose more than 90% of what we receive in our mailboxes.

Being recently involved in creating this WordPress based website from the ground up, it has come to our attention that spam is not limited to e-mails.

Enter the spambot comments

spambot comment comentario

When you have to take care of a website, you realize that your website becomes exposed to these spam bots, once you start to generate enough traffic to get it noticed.

Some spambots will look for Javascript vulnerabilities to try and get control of your website, or add a website inside your website, or, plainly and simple, add automated spam comments with links to a series of dubious websites selling boots, medicine, clothing apparel, or knockoffs/counterfeits.

Something that surprised us, is that these spambots even try to add these spam comments on items that are rarely visible independently or on their own by a human, like images or file attachments.

All human visitors mostly see these items as part of a post or when downloaded by the browser.

To avoid this, you have to tell WordPress that these items can’t receive comments.

Luckily, WordPress provides the means to be told this behavior through a filter hook.

The filter hook is called ‘comments_open’.

WordPress sends a boolean value using this filter hook, so that plugins can alter this behavior based on the criteria determined by the plugin designer.

If true, allow comments. If false, disable comments.

In our case, the criteria is that if the post being retrieved by a visitor is an attachment, block comments by changing to false this value.

Another parameter sent through this filter hook is the post id, so that the snippet can identify the type of post being prepared for display.

We had a custom plugin where we added this code, but if you don’t have one or currently can’t create a new one, go to you theme’s directory, look for the functions.php file, and paste it in it wherever you like:

function rswp_comment_status( $allow, $post_id ) {
$post = get_post( $post_id );
if( $post->post_type == ‘attachment’ ) {
return false;
return $allow;
add_filter( ‘comments_open’, ‘rswp_comment_status’, 10 , 2 );

We hope that this resolves this situation for you.

You are welcomed to comment, but we do screen every comment received before approving it.

Deals at

Welcome to Reactor Shop!

Reactor Shop LLC Terms and Conditions

Best Deals at Reactor Shop!

Inside this store, you’re going to find items we currently sell on eBay , Mercado Libre and other venues. Later on, as time allows, you’ll find here reviews about these and other items too.

We’re selling items that we’ve owned over the years, because that leaves us with the experience needed to have an opinion and something to write about them. That’s why you’re going to find items from different, unrelated categories. Let’s say it’s our day to day “I need this for home improving”, “I need this for my car”, “I need this for my kids”, etc.

I encourage you to check back every now and then to see what’s new in our store and to check what we’ve been reviewing lately.

You’re going to find our product listing by clicking on the left sidebar, under Product Categories. Below any product description you can leave a reply. Ask any question you may have about the product, and you’ll receive a prompt and courteous reply.

Deals requests?

If you have a specific request for an item not listed here, we can look for them and find the best deals online for those articles. Now a days, time is limited due to the 9 to 5 routine, then getting home with family or visiting friends, so not much time is left to use on internet searching, reading reviews, being redirected to the same reviews (you know what I’m talking about), etc.

So, you can leave those searches to us. Just try us.

How safe is it to buy from your site?

As you will notice, we use our own pictures to list items in this store. Those items are in stock.

Another assurance feature is that we use PayPal and MercadoPago Buy Now buttons for check out and Skrill email payments. We’re verified with Paypal, so you don’t have anything to worry about.

If you have any questions, please do not hesitate to contact us.

Best regards,

Jorge Aguayo

Reactor Shop

Please use our contact form located above, in “Contact”, to reach us.