WordPress Migration & Deployment TODO List

Current Status: Database Migration Complete ✅

All 16 WordPress databases successfully migrated to DigitalOcean MySQL cluster.

---

Critical Issues to Resolve

1. ⚠️ WordPress App Platform URL Mismatch

Priority: HIGH

Issue: WordPress sites on DO App Platform redirect to install.php because database URLs don't match the app URLs.

Tasks:

• Create wp-config.php template with environment detection

• Deploy wp-config.php override to all WordPress apps

• Test each WordPress app individually

• Verify database connectivity from apps

• Verify all WordPress apps can be accessed without install.php redirect

Reference: See WORDPRESS_APP_ISSUES.md for detailed solutions

---

Security & Access Isolation

2. 🔒 Database Access Isolation

Priority: HIGH ⚠️ CRITICAL SECURITY ISSUE

Current Issue: All 16 WordPress sites use the same doadmin credentials, giving each site access to ALL other sites' data.

Security Risk: If one site is compromised, attacker gains access to all 16 databases.

Tasks:

• Create 16 separate MySQL users (one per database)

• Grant each user access ONLY to their specific database

• Update wp-config.php files with site-specific credentials

• Test database access for each site

• Verify sites cannot access other databases

• Document new credentials securely

• Revoke doadmin access from apps (keep for admin only)

Implementation:

-- For each database, create isolated user
CREATE USER 'performwritecom_user'@'%' IDENTIFIED BY 'unique_secure_password';
GRANT ALL PRIVILEGES ON performwritecom_wp.* TO 'performwritecom_user'@'%';
FLUSH PRIVILEGES;
 
-- Repeat for all 16 databases

Databases requiring isolated users:

1. collegeo_wp
2. coomerawatersrea_wp
3. corne582_wp
4. handsofd_wp
5. kandudeliveriesc_wp
6. laserxperts_wp
7. murbahmowers_wp
8. murwillu_wp
9. outdoor1_wp
10. path2ucom_wp
11. performwritecom_wp
12. pits_wp
13. redheale_wp
14. sfnm_wp
15. soilife_wp
16. vastcons_wp

---

3. 🪣 CDN/Bucket Access Isolation

Priority: HIGH ⚠️ CRITICAL SECURITY ISSUE

Current Issue: Bucket credentials allow access to ALL buckets.

Security Risk: If credentials are compromised, attacker can access/modify all site assets.

Solution Options:

Option A: Separate Buckets per Site (Recommended)

• Create 16 separate DO Spaces buckets (one per site)

• Create 16 separate API keys with bucket-specific permissions

• Configure each WordPress site to use only its bucket

• Update wp-config.php with bucket-specific credentials

• Test uploads to ensure isolation

Option B: Single Bucket with IAM Policies

• Create single DO Spaces bucket with folders per site

• Create 16 separate API keys

• Apply IAM policies restricting each key to specific folder

• Configure WordPress to use folder-specific credentials

Recommendation: Option A (separate buckets) is more secure and easier to manage.

Tasks:

• Decide on bucket isolation strategy

• Create separate Spaces buckets/credentials per site

• Document bucket-specific credentials securely

• Update wp-config.php files with bucket credentials

• Test file uploads for each site

• Verify sites cannot access other buckets

Bucket Naming Convention:

wordpress-performwritecom-assets
wordpress-collegeo-assets
wordpress-soilife-assets
... (etc for all 16 sites)

---

App Platform Configuration

4. 🚀 WordPress Application Deployment

Priority: HIGH

Tasks:

• Verify all 16 WordPress apps are deployed on DigitalOcean App Platform

• Document app URLs for each WordPress site

• Configure environment variables for each app (DB_HOST, DB_USER, etc.)

• Set up health checks for each app

• Configure auto-scaling if needed

Apps to verify:

• collegeo_wp → comsmta.org

• coomerawatersrea_wp → coomerawatersrealestate.com.au

• corne582_wp → cornerstone-constructions.com.au

• handsofd_wp → handsofdestiny.com.au

• kandudeliveriesc_wp → kandudeliveries.com.au
  

• laserxperts_wp → laser-x-perts.com.au

• murbahmowers_wp → murwillumbahmowers.com.au

• murwillu_wp → murwillumbahchamber.com.au

• outdoor1_wp → outdoorism.com.au

• path2ucom_wp → path2u.com.au

• performwritecom_wp → performwrite.com.au ⚠️ Currently has install.php error

• pits_wp → preciseitservices.com.au

• redheale_wp → redhealer.com.au

• sfnm_wp → supportfornewmums.info

• soilife_wp → soilifefarming.com.au

• vastcons_wp → vastconstructions.com.au

---

DigitalOcean Spaces CDN Setup

5. 📦 CDN & Static Assets

Priority: MEDIUM

Current Status: DO Spaces bucket exists but is empty

Tasks:

• Identify which DO Spaces bucket to use

• Configure bucket CORS settings

• Configure CDN endpoint

• Create WordPress plugin/config for CDN URL rewriting

• Migrate static assets (images, CSS, JS) from WordPress uploads to CDN

• Update WordPress media library to use CDN URLs

• Test image loading from CDN

• Configure cache headers

• Set up automatic sync for new uploads

Migration Plan:

# Example: Sync WordPress uploads to Spaces
s3cmd sync /path/to/wordpress/wp-content/uploads/ s3://bucket-name/wp-content/uploads/
 
# Or use DO Spaces API
doctl compute cdn create --origin bucket-name.nyc3.digitaloceanspaces.com

WordPress CDN Plugins to Consider:

• WP Offload Media Lite (supports DigitalOcean Spaces)
• CDN Enabler
• W3 Total Cache (has CDN support)
• Custom plugin using upload_dir filter

---

Database & Configuration

6. 🗄️ Database Optimization

Priority: LOW

Tasks:

• Set up automated backups for MySQL cluster

• Configure backup retention policy

• Test database restore procedure

• Monitor database performance

• Optimize slow queries if any

• Set up database connection pooling if needed

---

DNS & Domain Configuration

7. 🌐 DNS Migration

Priority: LOW (Do after apps are working)

Tasks:

• Document current DNS records for all 16 domains

• Plan DNS cutover strategy

• Update A/CNAME records to point to DO App Platform

• Configure SSL certificates for custom domains

• Test each domain after DNS propagation

• Monitor for DNS-related issues

• Update Google Search Console / Analytics

Domains:

1. comsmta.org
2. coomerawatersrealestate.com.au
3. cornerstone-constructions.com.au
4. handsofdestiny.com.au
5. kandudeliveries.com.au
6. laser-x-perts.com.au
7. murwillumbahmowers.com.au
8. murwillumbahchamber.com.au
9. outdoorism.com.au
10. path2u.com.au
11. performwrite.com.au
12. preciseitservices.com.au
13. redhealer.com.au
14. supportfornewmums.info
15. soilifefarming.com.au
16. vastconstructions.com.au

---

Monitoring & Performance

8. 📊 Monitoring Setup

Priority: MEDIUM

Tasks:

• Set up uptime monitoring for all 16 sites

• Configure error logging

• Set up alerts for downtime

• Monitor database performance

• Track page load times

• Set up APM (Application Performance Monitoring)

Tools to consider:

• DigitalOcean Monitoring
• UptimeRobot
• New Relic / Datadog
• Custom health check endpoints

---

Dashboard Integration

7. 🎨 RMM Dashboard Integration

Priority: MEDIUM

Tasks:

• Add WordPress sites to services page in dashboard

• Display database credentials (secure view)

• Show app status (online/offline)

• Display site URLs

• Add quick links to:
  • App Platform dashboard
  • Database cluster
  • CDN settings

• Implement site health checks in dashboard

• Add deployment status indicators

Data to display:

• Site name
• Original URL
• DO App URL
• Database name
• Status (✅ Online / ⚠️ Issues / ❌ Offline)
• Last checked timestamp
• Quick actions (restart, view logs, etc.)

---

Testing & Validation

8. ✅ Testing Checklist

Priority: HIGH

Tasks:

• Database connectivity tested ✅

• All 16 databases verified on DO MySQL cluster ✅
• WordPress admin login works for all sites

• Frontend pages load correctly

• Media uploads working

• Plugins functioning correctly

• Themes displaying properly

• Forms/contact functionality working

• Search functionality working

• SSL certificates valid

• Performance testing (page load times)

• Mobile responsiveness check

---

Documentation

9. 📝 Documentation Tasks

Priority: LOW

Tasks:

• Database credentials documented ✅

• WordPress app issues documented ✅
• wp-config.php template created

• CDN setup guide

• Deployment runbook

• Rollback procedures

• Troubleshooting guide

• Update README files

---

Cleanup & Optimization

10. 🧹 Post-Migration Cleanup

Priority: LOW (After everything is working)

Tasks:

• Remove old cPanel SQL dumps (after verifying DO is working)

• Clean up temporary files and scripts

• Archive migration logs

• Remove test/debug code

• Optimize images before uploading to CDN

• Clean up unused plugins/themes

• Remove old cPanel backups

---

Quick Win Tasks (Do First)

Immediate Actions:

1. ✅ Fix performwritecom_wp app - Update siteurl in database or add wp-config override
2. Test other apps - Check if other WordPress apps have same issue
3. Create wp-config template - Standard config for all sites
4. Document app URLs - List all DO App Platform URLs

Within 24 Hours:

1. Get all apps working - No more install.php redirects
2. Test admin access - Verify wp-admin works on all sites
3. Check file uploads - Ensure wp-content/uploads is writable
4. Initial CDN setup - At least configure the bucket

Within 1 Week:

1. Full app testing - Test all functionality on all 16 sites
2. CDN deployment - Migrate static assets
3. Dashboard integration - Add sites to RMM dashboard
4. Monitoring setup - Health checks and alerts

---

Resources & References

• Database Credentials
• App Platform Issues
• Migration Summary
• DO MySQL Cluster
• DO App Platform
• DO Spaces CDN

---

Notes

• Database Migration: ✅ Complete - All 16 databases on DO MySQL cluster
• App Deployment: ⚠️ Partial - Apps deployed but have URL mismatch issues
• CDN Setup: ❌ Not started - Bucket is empty
• DNS Migration: ❌ Not started - Still on cPanel hosting

Current Blocker: WordPress apps redirect to install.php due to URL mismatch between database (old cPanel URLs) and app platform URLs.

Next Step: Update wp-config.php files to handle multiple environments OR update database URLs for testing.

---

Last Updated: February 17, 2026