{"id":22635,"date":"2013-04-02T00:03:28","date_gmt":"2013-04-02T00:03:28","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/automatic-domain-changer\/"},"modified":"2026-05-08T04:01:58","modified_gmt":"2026-05-08T04:01:58","slug":"automatic-domain-changer","status":"publish","type":"plugin","link":"https:\/\/pcd.wordpress.org\/plugins\/automatic-domain-changer\/","author":11776274,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"3.0.1","stable_tag":"3.0.1","tested":"6.9.4","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Automatic Domain Changer","header_author":"NuageLab <wordpress-plugins@nuagelab.com>","header_description":"","assets_banners_color":"f7f6f7","last_updated":"2026-05-08 04:01:58","external_support_url":"","external_repository_url":"","donate_link":"http:\/\/www.nuagelab.com\/products\/wordpress-plugins\/","header_plugin_uri":"http:\/\/www.nuagelab.com\/wordpress-plugins\/auto-domain-change","header_author_uri":"http:\/\/www.nuagelab.com\/wordpress-plugins","rating":4.3,"author_block_rating":0,"active_installs":10000,"downloads":172315,"num_ratings":28,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"3.0.0":{"tag":"3.0.0","author":"nuagelab","date":"2026-05-08 03:48:27"},"3.0.1":{"tag":"3.0.1","author":"nuagelab","date":"2026-05-08 04:01:58"}},"upgrade_notice":{"3.0.1":"<p>Critical hotfix for 3.0.0. Stops the Replacer from corrupting serialized PHP class instances (for example the <code>_site_transient_update_plugins<\/code> transient), which could trigger fatal &quot;incomplete object&quot; errors in PHP 8. Update before running another domain change.<\/p>","3.0.0":"<p>Recommended security update. Fixes a SQL-injection risk and a PHP object-injection risk in the domain-change routine, hardens the admin-page capability\/nonce checks, and modernizes the codebase. Now requires PHP 7.4+ and WordPress 5.0+.<\/p>"},"ratings":{"1":4,"2":0,"3":1,"4":1,"5":22},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":1151260,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":1151255,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":732952,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["3.0.0","3.0.1"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3526124,"resolution":"1","location":"plugin","width":721,"height":334}},"screenshots":{"1":"The domain change and admin notice"}},"plugin_section":[],"plugin_tags":[83,563,9800,175,4155],"plugin_category":[59],"plugin_contributors":[79528],"plugin_business_model":[],"class_list":["post-22635","plugin","type-plugin","status-publish","hentry","plugin_tags-admin","plugin_tags-administration","plugin_tags-domain-change","plugin_tags-links","plugin_tags-migration","plugin_category-utilities-and-tools","plugin_contributors-nuagelab","plugin_committers-nuagelab"],"banners":{"banner":"https:\/\/ps.w.org\/automatic-domain-changer\/assets\/banner-772x250.png?rev=732952","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/automatic-domain-changer\/assets\/icon-128x128.png?rev=1151260","icon_2x":"https:\/\/ps.w.org\/automatic-domain-changer\/assets\/icon-256x256.png?rev=1151255","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/automatic-domain-changer\/trunk\/screenshot-1.png?rev=3526124","caption":"The domain change and admin notice"}],"raw_content":"<!--section=description-->\n<p>This plugin automatically detects a domain name change, and updates all the WordPress tables in the database to reflect this change.<\/p>\n\n<h4>Features<\/h4>\n\n<ul>\n<li>Easily migrate a WordPress site from one domain to another<\/li>\n<li>Migrate www.domain.com and domain.com at once<\/li>\n<li>Migrate http and https links at once<\/li>\n<\/ul>\n\n<h4>Feedback<\/h4>\n\n<ul>\n<li>We are open for your suggestions and feedback - Thank you for using or trying out one of our plugins!<\/li>\n<li>Drop us a line <a href=\"http:\/\/twitter.com\/#!\/nuagelab\">@nuagelab<\/a> on Twitter<\/li>\n<li>Follow us on <a href=\"https:\/\/www.facebook.com\/pages\/NuageLab\/150091288388352\">our Facebook page<\/a><\/li>\n<li>Drop us a line at <a href=\"mailto:wordpress-plugins@nuagelab.com\">wordpress-plugins@nuagelab.com<\/a><\/li>\n<\/ul>\n\n<h3>Translations<\/h3>\n\n<ul>\n<li>English<\/li>\n<li>French<\/li>\n<li>Spanish<\/li>\n<li>Slovak<\/li>\n<\/ul>\n\n<!--section=installation-->\n<p>This section describes how to install the plugin and get it working.<\/p>\n\n<h4>Requirements<\/h4>\n\n<ul>\n<li>The PHP CURL extension, usually installed on Un*x, Mac and Windows environments. See \"Installing CURL on Linux\" below for more help.<\/li>\n<li>Capability for your server to communicate with the outside work (or more specifically, to communicate with our servers)<\/li>\n<\/ul>\n\n<h4>Installing the Plugin<\/h4>\n\n<p><em>(using the Wordpress Admin Console)<\/em><\/p>\n\n<ol>\n<li>From your dashboard, click on \"Plugins\" in the left sidebar<\/li>\n<li>Add a new plugin<\/li>\n<li>Search for \"Automatic Domain Changer\"<\/li>\n<li>Install \"Automatic Domain Changer\"<\/li>\n<li>Once Installed, if you want to manually change your domain, go to Tools &gt; Domain Change<\/li>\n<li>If your domain changes, a notice will appear at the top of the admin screen with a link to the domain changing tool<\/li>\n<\/ol>\n\n<p><em>(manually via FTP)<\/em><\/p>\n\n<ol>\n<li>Delete any existing 'auto-domain-change' folder from the '\/wp-content\/plugins\/' directory<\/li>\n<li>Upload the 'auto-domain-change' folder to the '\/wp-content\/plugins\/' directory<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>Once Installed, if you want to manually change your domain, go to Tools &gt; Domain Change<\/li>\n<li>If your domain changes, a notice will appear at the top of the admin screen with a link to the domain changing tool<\/li>\n<\/ol>\n\n<h4>Making your blog\/site address automatically reflect your server's name<\/h4>\n\n<p>Add the following to your wp-config.php file:<\/p>\n\n<pre><code>define('WP_HOME', 'https:\/\/' . $_SERVER['SERVER_NAME']);\ndefine('WP_SITEURL', 'https:\/\/' . $_SERVER['SERVER_NAME']);\n<\/code><\/pre>\n\n<p>See http:\/\/codex.wordpress.org\/Editing_wp-config.php#WordPress_address_.28URL.29 for more information.<\/p>\n\n<!--section=faq-->\n<dl>\n<dt id=\"what%20does%20this%20plugin%20do%20precisely%3F\"><h3>What does this plugin do precisely?<\/h3><\/dt>\n<dd><p>It scans all the tables with the same table prefix as WordPress. It fetches each row, unserialize values as needed, and replace the old domain by the new.<\/p><\/dd>\n<dt id=\"do%20you%20plan%20to%20localize%20this%20plugin%20in%20a%20near%20future%3F\"><h3>Do you plan to localize this plugin in a near future?<\/h3><\/dt>\n<dd><p>Yes, this plugin will be translated to french shortly. If you want to help with translation in other languages, we'll be happy to hear from you.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>3.0.1<\/h4>\n\n<p>Hotfix for a regression introduced in 3.0.0.<\/p>\n\n<ul>\n<li>Fix: rows whose serialized payload contains a PHP class instance (for example, the <code>_site_transient_update_plugins<\/code> transient or any plugin-stored object) were being corrupted into <code>__PHP_Incomplete_Class<\/code> after a domain change, which caused fatal errors in PHP 8 the next time something tried to mutate a property on those objects. The Replacer now leaves such rows byte-identical instead of round-tripping them through <code>unserialize()<\/code>. URLs inside class instances are no longer rewritten \u2014 but they are no longer destroyed either.<\/li>\n<li>Fix: no-op short-circuit when the old and new domains match (case-insensitively) and no protocol change was requested, so rerunning with the same values cannot itself damage the database.<\/li>\n<li>Test: add docker smoke-test cases that seed a <code>stdClass<\/code> option and an array containing a <code>stdClass<\/code>, and assert both survive byte-identical.<\/li>\n<\/ul>\n\n<p>If you ran 3.0.0 with old == new and now see \"incomplete object\" fatals (for example from wp-migrate-db-pro's update-checker hook), clear the affected transients with <code>wp transient delete update_plugins --network<\/code> (and <code>update_themes<\/code>, <code>update_core<\/code>) \u2014 they regenerate on the next dashboard load.<\/p>\n\n<h4>3.0.0<\/h4>\n\n<p>Major modernization release. The user-facing behavior is unchanged: the same Tools \u2192 Change Domain page with the same options and the same backup buttons. Everything else has been rewritten.<\/p>\n\n<p><strong>Security<\/strong><\/p>\n\n<ul>\n<li>Replaced the raw SQL <code>UPDATE<\/code> in the domain-change routine with prepared <code>$wpdb-&gt;update()<\/code> calls to eliminate a SQL injection risk on the primary-key value.<\/li>\n<li><code>unserialize()<\/code> is now called with <code>allowed_classes =&gt; false<\/code> so a malicious serialized payload in a row cannot trigger PHP object injection while the plugin scans the database.<\/li>\n<li>Option writes (<code>auto_domain_change-https<\/code>, <code>auto_domain_change-www<\/code>) are now gated behind both nonce verification and an <code>update_core<\/code> capability check. Previously, any authenticated <code>POST<\/code> to the admin page could flip them.<\/li>\n<li>Dismissing the domain-change admin notice now requires a nonce and the <code>update_core<\/code> capability (previously a plain <code>?dismiss-domain-change=1<\/code> GET, vulnerable to CSRF).<\/li>\n<li>All <code>$_POST<\/code>, <code>$_GET<\/code>, and <code>$_SERVER<\/code> values are sanitized; <code>force-protocol<\/code> is validated against an allow-list; submitted domains are validated against a host-name pattern before being used.<\/li>\n<li>Explicit capability checks at the top of the admin page and both backup routines (defense in depth).<\/li>\n<li>Drops the PHP-4 <code>&amp;$this<\/code> reference style and the manual <code>pluggable.php<\/code> require.<\/li>\n<\/ul>\n\n<p><strong>Compatibility<\/strong><\/p>\n\n<ul>\n<li><code>Requires PHP: 7.4<\/code>, <code>Requires at least: 5.0<\/code>. Older PHP silently ignored <code>unserialize()<\/code>'s <code>allowed_classes<\/code> option, defeating the object-injection guard, so older versions are now refused with a clear admin notice.<\/li>\n<li>Tested up to WordPress 6.9.4.<\/li>\n<\/ul>\n\n<p><strong>Architecture<\/strong><\/p>\n\n<ul>\n<li>Restructured into a PSR-4 layout under <code>NuageLab\\AutoDomainChanger\\<\/code> with a tiny hand-rolled autoloader (no Composer required at runtime).<\/li>\n<li>Extracted the admin form to a template, the styles to <code>assets\/css\/admin.css<\/code>, and the click handler to vanilla <code>assets\/js\/admin.js<\/code> (no jQuery).<\/li>\n<li>The serialize\/JSON walker (<code>Domain\\Replacer<\/code>) is now a self-contained class that can be invoked independently of the admin UI.<\/li>\n<\/ul>\n\n<h4>2.0.2<\/h4>\n\n<ul>\n<li>Tested up to WordPress 4.9.8<\/li>\n<li>Added a way to change the protocol to HTTP or HTTPS<\/li>\n<\/ul>\n\n<h4>2.0.1<\/h4>\n\n<ul>\n<li>Tested up to WordPress 4.6.1<\/li>\n<li>Removed admin notice for users who don't have update_core permission<\/li>\n<\/ul>\n\n<h4>2.0.0<\/h4>\n\n<ul>\n<li>Tested up to WordPress 4.4.2<\/li>\n<li>Added backup functionality<\/li>\n<li>Removed usage of mysql_* functions in favor of $wpdb<\/li>\n<\/ul>\n\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Tested up to WordPress 4.2.2<\/li>\n<\/ul>\n\n<h4>1.0<\/h4>\n\n<ul>\n<li>Tested up to WordPress 4.2.1<\/li>\n<\/ul>\n\n<h4>0.0.6<\/h4>\n\n<ul>\n<li>Bug fix with the processValue function generating a warning (thanks to @sniemetz for letting us know about this issue)<\/li>\n<li>Slovak translation (thanks to Marek Letko)<\/li>\n<li>Tested up to WordPress 4.1.1<\/li>\n<\/ul>\n\n<h4>0.0.5<\/h4>\n\n<ul>\n<li>Minor text change<\/li>\n<\/ul>\n\n<h4>0.0.4<\/h4>\n\n<ul>\n<li>Added JSON detection to fix values not being handled for plugins like RevSlider (thanks to Alfred Dagenais for letting us know about this issue)<\/li>\n<li>Added double serialize detection for plugins like Global Content Blocks (thanks to @pixelkicks for letting us know about this issue)<\/li>\n<li>Tested plugin up to WordPress 4.0.0<\/li>\n<\/ul>\n\n<h4>0.0.3<\/h4>\n\n<ul>\n<li>Tested plugin up to WordPress 3.8.0<\/li>\n<\/ul>\n\n<h4>0.0.2<\/h4>\n\n<ul>\n<li>Added error suppression on unserialize calls, as failing unserialize are normal and part of the game. Thanks to Kailey Lampert for pointing this out.<\/li>\n<li>Added serialize(false) detection.<\/li>\n<\/ul>\n\n<h4>0.0.1<\/h4>\n\n<ul>\n<li>First released version. Tested internally with about 10 sites.<\/li>\n<\/ul>","raw_excerpt":"Automatically detects a domain name change, and updates all the WordPress tables in the database to reflect this change.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/22635","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=22635"}],"author":[{"embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/nuagelab"}],"wp:attachment":[{"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=22635"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=22635"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=22635"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=22635"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=22635"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/pcd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=22635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}