Since every WordPress plugin runs custom PHP code, it can write to the filesystem, your database, and potentially remote storage (e.g. if you use a DropBox backup plugin). In this example I’m going to show how to export settings for iThemes security, since this has a moderately complex installation.
To see what this look like, you can log into your database and list out the tables:
mysql -u root -p
select garysielingcom;
show tables;
+---------------------------+ | Tables_in_garysielingcom | +---------------------------+ | wp_appsin_settings | | wp_commentmeta | | wp_comments | | wp_cpd_counter | | wp_easy_todo | | wp_itsec_lockouts | | wp_itsec_log | | wp_itsec_temp | | wp_layerslider | | wp_links | | wp_nf_objectmeta | | wp_nf_objects | | wp_nf_relationships | | wp_ninja_forms_fav_fields | | wp_ninja_forms_fields | | wp_options | | wp_popularpostsdata | | wp_popularpostssummary | | wp_postmeta | | wp_posts | | wp_term_relationships | | wp_term_taxonomy | | wp_termmeta | | wp_terms | | wp_usermeta | | wp_users | | wp_wsal_metadata | | wp_wsal_occurrences | +---------------------------+
Some of these are obviously WordPress tables (wp_posts, wp_users, etc), but several are for plugins I’ve installed (e.g. WP Security has several – wp_itsec_lockouts, wp_itsec_log, and wp_itsec_temp). The “wp_” part of the table name is configured at install time – if you have multiple WordPress installs in a database they would have different prefixes. This indicates that WordPress plugins with this prefix are using a WordPress API to set the table up.
Consequently, if you want to see where these are created, you need to search your site for the table name without the prefix:
grep -irl itsec_temp *
wp-content/plugins/better-wp-security/core/class-itsec-setup.php wp-content/plugins/better-wp-security/core/class-itsec-lockout.php wp-content/plugins/better-wp-security/core/modules/backup/settings.php wp-content/plugins/better-wp-security/core/class-itsec-lib.php
To export one of these tables, you can use “mysqldump”, like so:
mysqldump -p garysielingcom wp_itsec_lockouts > wp_itsec_lockouts.sql
When you inspect these, you’ll see that iThemes Security has a “create_database_tables” function that creates the above tables. However, it also shows that WordPress has settings that are tied to the site1, rather than the plugin.
These are stored in “wp_options”:
mysql> select * from wp_options limit 10;
+-----------+--------------------+----------------------------------+----------+ | option_id | option_name | option_value | autoload | +-----------+--------------------+----------------------------------+----------+ | 3 | siteurl | https://www.garysieling.com/blog | yes | | 4 | blogname | Gary Sieling | yes | | 5 | blogdescription | Philadelphia Software Developer | yes | | 6 | users_can_register | 0 | yes | | 7 | admin_email | gary@garysieling.com | yes | | 8 | start_of_week | 1 | yes | | 9 | use_balanceTags | 0 | yes | | 10 | use_smilies | 1 | yes | | 11 | require_name_email | 1 | yes | | 12 | comments_notify | 1 | yes | +-----------+--------------------+----------------------------------+----------+
The iThemes security values are a bit long, but you can see there are 17 of them:
select count(*) from wp_options where option_name like 'itsec%';
+----------+ | count(*) | +----------+ | 17 | +----------+
You can then use the mysqldump command above, but just exporting the relevant values from iThemes Security:
mysqldump -p garysielingcom wp_options --where="option_name like 'itsec%'" > wp_options.sql
To re-import these settings, you just need to run statements to delete the values you’re importing, then re-run the SQL scripts you’ve created. Deleting the values that match what you export allows you to simply re-import (i.e. there would be no issues merging values the plugin install code may have created if you’re migrating to another site).
- https://codex.wordpress.org/Function_Reference/add_site_option [↩]