Call for feedback: Introducing settings import/export with Blueprints

Brian Coords Avatar
Brian Coords

Setting up a WooCommerce store often involves configuring the same settings over and over again. In WooCommerce 9.9, we’ve introduced beta import/export tooling for WooCommerce settings to significantly reduce the time spent configuring settings. We’re asking for your feedback as we continue to iterate on this feature.

With Blueprint import and export, you’ll be able to:

  • Start a new store quickly with a predefined Blueprint configuration.
  • Share Blueprints rapidly across a team and use version control.
  • Easily change WooCommerce settings in the WP admin or via WC-CLI when testing a new feature.
  • The Blueprint import/export supports WooCommerce settings, plugins, and themes, not content-related data like products, orders, or customers.

Woo Blueprints are powered by the WordPress Playground blueprint JSON data format.

Screenshot of the WooCommerce Blueprint interface displaying options to import and export settings, plugins, and themes.

How it works

Export settings

Save a configuration by choosing which WooCommerce settings, plugins, and themes to include from the current store, then exporting them as a blueprint file.

Screenshot of the WooCommerce export settings interface, showcasing options for selecting various WooCommerce settings, plugins, and themes to export as a JSON file.

Import settings

Upload a blueprint file to quickly apply a previously saved configuration. You will be warned about the changes to be made before it proceeds.

Modal window warning about configuration override in WooCommerce settings during import process.

Blueprint format

A blueprint is a standard format used by WordPress Playground to define a site’s configuration. With this standard, the blueprint files exported by WooCommerce can even be imported elsewhere. 

Want to try the file in WordPress Playground? Go right ahead!

WC-CLI

You can also test the feature using WP-CLI using the wp wc blueprint command. See available parameters in the CLI documentation.

Extensibility

You can extend Blueprint by adding custom exporters, importers, or steps. This allows you to support new data types or custom site logic. Extension developers can read the developer documentation for examples.

Security

To ensure Blueprints are safe and reliable, we conducted a thorough security audit and implemented several protections across both the feature and its underlying infrastructure:

Strict schema validation

All Blueprint files are validated against a strict JSON schema before being applied. We’ve tightened the schema to reject unexpected fields and enforce stricter typing where possible.

Permission checks for every step

Only authorized users can import or export Blueprints. All REST API endpoints and background processes include permission checks to prevent unauthorized access.

Option restrictions

To mitigate risk, Blueprint imports enforce a blacklist that blocks updates to sensitive or high-risk WordPress options, such as:

  • Site URLs (siteurl, home)
  • User management and system–related settings

This allows most site configurations to be portable while protecting critical options from being unintentionally or maliciously overwritten.

Enhanced SQL execution safety

Blueprints support applying SQL changes as part of the import process. To ensure safety, only specific query types are allowed (INSERT, UPDATE, and REPLACE INTO), and each query is carefully validated before execution. Safeguards include:

  • Blocks unrecognized or unsafe SQL commands
  • Detects SQL injection patterns
  • Prevents writes to protected tables

These protections apply when executing imports, reducing the risk of unsafe or unexpected database changes.

Import is restricted to the Coming Soon mode

Blueprint imports are only allowed when the store is in Coming Soon mode to reduce the risk of accidental or unauthorized imports on production sites. This acts as a safeguard to prevent destructive configuration changes on live environments. If you’re developing locally or need to override this restriction (e.g., for staging/testing purposes), you can allow imports in live mode by defining a constant in your wp-config.php file:

define( 'ALLOW_BLUEPRINT_IMPORT_IN_LIVE_MODE', true );

Audit logging

Blueprint import and export operations are logged for traceability. You can view logs under WooCommerce > Status > Logs. Look for logs with the source wc-blueprint.

⚠️ Security Best Practices: Even with safeguards in place, we recommend reviewing Blueprint files before importing, especially if they come from a third party. Ensure the content looks as expected and avoid applying changes you don’t fully trust.

Try it out

The feature is available now in WooCommerce 9.9. Once installed, go to WooCommerce > Settings > Advanced > Blueprints to try importing or exporting a settings blueprint. You can also test the feature using WP-CLI.

Tell us what you think!

We would love to hear your thoughts! If you have any questions or suggestions, please leave your feedback in our GitHub Discussion, or drop by the WooCommerce Community Slack #developer-chat channel and let us know what you think.

Not a member of our Community Slack? Join here now.

6 responses to “Call for feedback: Introducing settings import/export with Blueprints”

  1. Marc Avatar
    Marc

    Nice work.
    Reading the doc https://woocommerce.com/document/woocommerce-blueprints, i have few questions :
    – Seems it can manage third part plugin settings, even themes (those available on wordpress.org).
    What about ACF fields ? works also ?
    What about ACF Pro, does not work ?
    Many plugins have a pro version, often the pro version is outside wp.org…
    What about woo plugins like WooCommerce Min/Max Quantities ?

    When we select plugins or theme, it will install them hereafter on the new site (after blueprint import), like on playground ? or we must have them installed before any import ?
    The payment settings have to be manually done, for safety : ok, like the several security controls you added, nice work

    Reply
    1. Chi-Hsuan Huang Avatar
      Chi-Hsuan Huang

      Thank you for your thoughtful feedback and questions! Marc.

      What about ACF fields ? works also ?
      What about ACF Pro, does not work ?
      Many plugins have a pro version, often the pro version is outside wp.org…
      What about woo plugins like WooCommerce Min/Max Quantities ?

      Blueprints currently support plugins and themes available on WordPress.org. This means ACF (free) can be included, but ACF Pro and other premium/pro plugins (including some Woo extensions) aren’t bundled in the Blueprint export/import process at this time. For plugins and themes to have their settings properly exported and imported through Blueprint, plugin/theme developers must implement Blueprint compatibility in their code.

      When we select plugins or theme, it will install them hereafter on the new site (after blueprint import), like on playground ? or we must have them installed before any import ?

      When importing a Blueprint, supported plugins and themes will be installed automatically—just like in Playground. For premium or custom plugins/themes, please install them manually before importing the Blueprint.

      We appreciate your feedback and are always looking to improve Blueprint’s compatibility and flexibility. If you have more suggestions or use cases, please let us know!

      Reply
  2. HOSEIN Avatar
    HOSEIN

    Excellent starting point! This feature will be really useful.

    I mentioned this great feature in another post. It would be nice if in the future this feature also allows exporting users, orders, and user reviews.

    This feature will be very useful in various scenarios.

    Thank you

    Reply
    1. Chi-Hsuan Huang Avatar
      Chi-Hsuan Huang

      Thank you so much for your kind words and for sharing your suggestions!
      We’re glad you find Blueprints useful. Exporting users, orders, and user reviews is a great idea, and we’ll definitely consider it when planning features.

      Reply
  3. Odirlon Avatar
    Odirlon

    One situation we are going through in our customers is:
    Arriving on days of shipping promotions, we have to adjust the promotions in all delivery areas, and then return to the end of the promotion. In that case, will we be able to use it? Will he bring the store settings for deliveries or delivery methods as well? We will test, but I am already looking with good eyes at something that is our daily life.

    Reply
    1. Chi-Hsuan Huang Avatar
      Chi-Hsuan Huang

      Thank you for sharing your real-world scenario! Odirlon.

      Yes, Blueprints can help with this. When you export a Blueprint, you can include your WooCommerce shipping settings and delivery methods. This means you can save your promotional shipping configuration as a Blueprint, apply it across stores or environments, and then easily revert to your standard settings when the promotion ends.

      We encourage you to test it out and let us know how it works for your workflow. Your feedback is invaluable as we continue to improve the feature!

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *