Numerous articles about getting started with or creating a WordPress website have been created by our team. But what happens if you buy an existing WordPress site which was developed by someone else? There are measures you can take to ensure a smooth and stress-free transfer to WordPress, and these procedures may be taken regardless of whether or not you are comfortable with WordPress. There are many different motivations for the sale of websites. You could be considering the purchase of a website that was created using WordPress. Or taking over the management of a website from someone who has either lost interest in it or become too busy to maintain it.

Regardless of the motivation, taking over the management of a WordPress site often feels burdensome. But if you take things one step at a time and deal with each of the problems that we cover in this post, you’ll find that it’s not insurmountable at all. You might even find that you’re looking forward to the experience.

[] 63ff21129cfb2

Let’s have a look at the steps that need to be taken in order for us to successfully take control of a website. Even though we’re focusing on WordPress websites in this article, many of these pointers are applicable to other kinds of websites as well.

Collect All of the Login Information, Including Email Addresses and Passwords

Whenever you buy a WordPress webpage, one of the most important things you need to do right away is collect all of the login and administration passwords, along with the email addresses linked with them. That is far easier to say than it is to actually accomplish. It is likely going to involve a little bit of conversation with the person who owned the business before you. You are fortunate, it will not be difficult if the owner is someone at your place of employment or at your workplace. On the other hand, if you communicate with the prior owner online, the process may be more difficult and time-consuming.

When gathering all of the credentials for a website, there are a few important aspects to keep in mind, including the following:

  • The majority of websites allow users to log in using more than one method. If you want to utilize Akismet or Jetpack on your WordPress site, you are going to require a account, which is normally associated with the site. It is possible for plugins and themes, particularly premium applications and motifs, to have user accounts as well.
  • Email addresses are linked to WordPress user profiles across the board, including the admin account. You have the ability to modify the admin email address once you have logged in with the WordPress admin password. However, changing the admin user email address will not affect the address that is used to administer the site. Go to Settings > General > Administration Email Address to make the necessary adjustments to the site admin address.
  • Don’t forget to write down your login information for any external services (website hosting, FTP, analytics, backup services, CDN, etc.). Be certain that you are familiar with and able to access all of the billing accounts that are associated with the site.
  • Move the domain name you want to use to an account that you have control over. That is not going to be relevant for the vast majority of business or work-related websites. However, you are required to hold ownership of the domain name for any website that you intend to purchase or take over. In the future, failing to pay attention to this particular aspect can result in a lot of difficulties.

Once you have obtained access to all of the passwords, the first thing you should do is, of course, reset those passwords. Once you have the admin login information, changing WordPress passwords is a simple process. However, the extensions and service operations might also need their email addresses updated in order to function properly.

Spend Some Time Getting Acquainted With the Back End of the WordPress Dashboard.

You could already be familiar with how WordPress operates; however, you will still need to learn how this WordPress site, in particular, is configured.

  • What kinds of plugins does it make use of?
  • Is there a central idea that it explores?
  • How are the settings for the widgets determined?
  • Is it using a CDN?
  • If there are other individuals, what are their duties, and if so, what permissions do they have?

Keeping a list of things that are unfamiliar to you or that have complex settings might be a useful organizational tool.

Examine the Permissions and Roles of the Users.

If the webpage has been contributed to by a number of different people, you will want to investigate their respective responsibilities and permissions. After you have had some time to become acquainted with the website, you might find it beneficial to limit admin capabilities to just yourself.

Even if you are the only creator and admin of the site, there may be content that was produced by other customers in the site’s history. You will want to disable or block the access of any visitors to the website that you have changed your mind about allowing access to. Altering the user email addresses and passwords can be accomplished with relative ease by taking advantage of the administrative permissions you possess. The drawback to using that method is that you will need to alter the email address to one that is active.

An email for the purpose of verifying the new address would be sent by WordPress. If you do not click the verification link, the account will continue to be associated with the previous email address. You could easily see how this may become a problem if you purchased a WordPress website that already had a significant number of users. There are, however, a few additional effective methods that can be used to disable individuals who should no longer have access.

Remove the user entirely. This nuclear option is not one that would advocate because it deletes all of the author’s information (or transfers it to admin). Use this strategy only if you plan to credit yourself as the creator of everything that is found on the website. Make the user role “No role for this site” the default setting. The user will not be able to make any changes, but they will still be able to check in to the administrative section of the website. They won’t see anything other than a blank page, but you can decide that you don’t want them to have any access at all. Visitors can be blocked using a plugin. It is simple to implement, and as long as the plugin is running, it will prevent the blocked people from accessing the site.

Review Plugin Configuration:

If you’ve been keeping up, that means you’ve familiarized yourself with the website and checked out the different plugin options. However, there are more plugin options that you should look at. To give one example, the setup of contact forms typically includes a field for entering an email address. Be careful to replace that with an email address you have control over as soon as possible. Plugins for social media platforms and search engine optimization frequently direct users to certain social profiles or email addresses. Make any necessary changes to those that you find.

Tracking and Search Engine Optimization Integration:

It would be fantastic if you could get the current Google Analytics property and Search Console for the site moved to you if at all possible. If, however, you need to begin the process from scratch, you will be required to update the tracking codes. You may accomplish this task within your Analytics account or by using Tag Manager. Website verification codes are also used by services such as heatmaps (like the one provided by CrazyEgg) and other visitor activity trackers. In the event that you are unable to access those already existing accounts, you will be required to create new accounts with unique tracking codes.

Take a broom with you, and start cleaning up the webpage:

Virtual broom is the obvious choice here. You are not permitted to show up at the data center where your website is housed carrying a broom. They will not let you into the door, and it is likely that they will call the police on you. What you need to get rid of are any customers, plugins, and templates that aren’t being used (as we discussed). You might also declutter and enhance the performance of the WordPress database. The procedure of removing plugins and themes is one that requires little effort on your part. The process of cleaning and optimizing the database can occasionally become more challenging. In addition, it can be incredibly nerve-wracking due to the fact that everything on your WordPress website is dependent on that database. Before you make any changes to your database, it is in your best interest to create a backup copy of it first. When it comes to database optimization, the task is typically best handled by a suitable plugin. In most cases, this is the best course of action.

Carry out scans for both performance and security.

You cannot put your faith in the fact that the former owner of a WordPress website took the necessary precautions to protect it when you buy that website. Therefore, you will want to check that the level of security is enough.

A security scan from one of several available commercial services will allow you to accomplish this goal. You might also install a security plugin such as Wordfence, which not only scans for vulnerabilities but also automatically patches them.

Performance assessments of websites can be helpful in a more general sense on occasion. However, most of them will only provide you with findings or a score and not any specific recommendations for improvements. Google Tools are where I go to get information on how well a website is performing. The information that the search console provides regarding issues with websites is extremely specific, and both Page Speed Insights and Lighthouse are vital. Taking Google’s suggestions into consideration might, at times, be a challenging and time-consuming endeavor. The functionality of your WordPress site, however, will improve if you take their recommendations into consideration when setting up your site.

Establish a staging site, and ensure that version control is in place.

It is feasible to “roll back” modifications that were made to your website that caused it to become inoperable thanks to version control and staging sites. If you are editing a template and your website crashes. As a result, you can easily revert to the previous version that was functional. A developer’s toolkit is not complete without version control. When discussing it, however, the topic of discussion can sometimes delve quite deeply into the specifics. There is a learning curve associated with using version control systems like Git, Subversion, CVS, and TFS. Nonetheless, using these systems is beneficial once you are familiar with how they operate. There is a less time-consuming approach to change testing that you can use if you do not wish to study conventional methods of version control with a location for staging.

Install a System That Can Take Automated Backups.

During the segment on cleaning up the website, we discussed creating a backup of the database. In addition, the procedures described in the post that linked will successfully back up the entirety of your website. But if you don’t want your backups to depend on a plugin (or your host), you might think about using a remote backup service instead. There are literally hundreds of services out there that will back up both your websites and your databases. Your willingness to deal with difficult configurations and your available funds will determine which option is best for you.

Enhance the Capabilities of Your Hosting Service

The topic of enhancing the performance of websites, and as mentioned that anything you do to improve this aspect would have a beneficial impact. What happens, though, if you buy a WordPress website and make every effort to improve its performance, but it continues to be unreliable or sluggish?


There are a lot of different factors to take into consideration, but if you are methodical and pay great attention to the particulars, you will be successful. All WordPress sites share common elements, but they’re all different.