• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

WP-CLI Guide: Secure WordPress Backup and Update

July 21, 2015Alycia Mitchell

508
SHARES
FacebookTwitterSubscribe

Welcome to our second post in the series on WP-CLI for WordPress management over SSH. In our previous post, we discussed how to get your SSH credentials and use WP-CLI to connect to your website over the command line.

Before we get into changing anything, we’ll show you how to back up your database and compress it with your files to make sure you have a complete backup of your system. For this, we’ll have to go a bit beyond WP-CLI’s capabilities and use some normal command-line tools to finish the backup.

After your website (database and files) is securely backed up and transferred to a safe location, you can update the WordPress core and DB without any worries.

Sometimes, things go wrong! Be sure to read our tips on how to back up your website safely.

WP-CLI: Backup

Before updating anything, it is important to first backup your website, including your database and files. WP-CLI makes the hardest part of this process easy.

WordPress Database Backup

At the prompt, type this and press Enter:

wp db export

Now you have a backup of your database in an .SQL file at the root of your website.

WordPress File System Backup

Copying files from the server is not available in WP-CLI, but you can quickly compress all of your files, including the recent .SQL backup of your database.

Make sure you are in the root of your website, as we described earlier. Using the tar command with a few special parameters that make the backup better, and the trailing period at the end is very important, it ensures the new compressed file is saved in the same directory (i.e., folder).

tar -vczf yourbackupfilename.gz .
Transfer Backups

This will only get your backup file compressed and ready. From there, like with any good backup, you should transfer it off the server. You can use FileZilla with SFTP, your SSH credentials should work. If not – talk to your host.

Open the Site Manager and enter your SFTP connection details. You can find the .GZ file in your root folder.
Open the Site Manager and enter your SFTP connection details.

You should always have a recent working copy of your WordPress files stored off your server. If a plugin conflict breaks your website, you will want to have at least the following ready to recover:

  • Core files for your current versions of WordPress, plugins, and themes.
  • Any custom or altered files.
  • Your wp-config.php or database credentials.

It is possible that your backup plugin has WP-CLI commands of their own.

WP-CLI: WordPress Core File and Database Update

We saved the best for last. You need to do these two back-to-back, and the first one may take a moment to process:

wp core update
wp core update-db

At this point, you will want to check your website to make sure everything looks good and you can log in successfully.

Give WP-CLI a try and stay tuned for the next post in the series to learn more. You can use WP-CLI every day to check for critical WordPress updates, and with some practice, it can be an efficient way to manage WordPress securely.

Video Tutorial

As an added bonus, I’ve prepared a quick video tutorial to assist you in the process. Enjoy!

508
SHARES
FacebookTwitterSubscribe

Categories: Security Education, WordPress SecurityTags: Best Practices, Command Line Tools, Website Backup

About Alycia Mitchell

Alycia Mitchell has been Sucuri’s Marketing Manager since 2014. Alycia's main responsibilities include analytics and content strategy. Her professional experience covers 10 years of SEO and digital marketing for cybersecurity. When Alycia isn’t deep in spreadsheets, you might find her exploring nature. Connect with her on Twitter.

Reader Interactions

Comments

  1. Cesar S Falcao

    July 26, 2015

    Just found the article I asked. Maybe this should have a link to this article on the 1s post on this WP CLI series…

  2. Rickie

    August 4, 2015

    My WordPress site had been hacked and no backup.Does Sucuri offer a diagnostic service and malicious code removal for a fee and if so what is the best way to get in contact? Also require a security consultation and implementation to ensure limited chance of re-occurrence.

  3. Jesse

    October 3, 2015

    One minor correction: In your discussion of the “tar” command, you said that the trailing period is important because it “ensures the new compressed file is saved in the same directory.” Actually, that period simply tells the tar command what exactly is being tar-ed, i.e. the current directory.

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

WordPress Security Course

WordPress Security Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.