Two common WordPress database tasks many WordPress administrators and security professionals typically do when doing a WordPress malware removal or hack cleanup, WordPress security hardening or any other typical WordPress administrative task are; database backups and restores, and changing of data, or a number of entries manually from the WordPress database.
While working on WordPress databases, one typically encounters a number of limitations and challenges. For example large WordPress database backups cannot be restored through web based solutions such as phpMyAdmin (most common available database administration tool hosting providers use), and one cannot simply use normal search and replace queries to replace data in the WordPress database.
In this post we will look into 2 useful WordPress database tools that every WordPress security professional and administration should have in the toolbox.
BigDump: Staggered MySQL Dump Importer
How to Import (Restore) Large WordPress Database Backups through phpMyAdmin
Typically one can only import and restore a WordPress database backup, or MySQL database dump of up to 32Mb through phpMyAdmin. Unfortunately some hosting providers implement even a lower limit, such as 8Mb.
To be able to restore large WordPress databases using phpMyAdmin use BigDump. BigDump is a simple script that executes only a small part of the huge MySQL database dump and then restarts itself. The next session of the script starts where the last session was stopped. Therefore with BigDump you can still import large WordPress database backups without being limited by hard memory limits or server runtime limits.
To restore a large WordPress database dump, download BigDump script from the official BigDump website.
Search Replace DB Database Tool
Safely Search and Replace Date in WordPress Databases and Preserve Database Integrity
When you migrate a WordPress blog or website, or when a WordPress database is infected with malware, you need to find and replace several database entries. In such cases one cannot simply modify the database manually because WordPress uses serialized PHP strings in the database and therefore the integrity of the MySQL database will be broken if changes are done manually.
For example if a malicious hacker changed a number of legitimate links in the content of your WordPress website, e.g. from http://www.wpwhitesecurity.com to http://www.maliciouswebsite.com you need to search for such entries in the WordPress database and replace them. Such process cannot be done manually because the length of the string http://www.wpwhitesecurity.com is not the same as the length of the string http://www.maliciouswebsite.com, therefore upon changing them the indexes for the serialized strings do not and the database integrity is broken.
To safely search and replace strings in a WordPress database use this Search Replace DB tool.
Automated WordPress Tools
Although most of the tasks can be done manually in WordPress, do use automated tools. Automated tools are a must and can save you a lot of time. They also can do some things which sometimes it is impossible to do manually, for example as a starter when doing a WordPress security audit we always launch a WordPress security scan with WPScan. In 2 minutes it does what we usually do in 1 hour.
WP White Security Tip: ALWAYS test automated tools against a test environment before using them.