I use the following migration process in these cases:
1. Change DNS TTL to minimum value
2. Wait for DNS TTL to update
3. Copy keys / certificates to new server
4. Put site to maintenance mode
5. Synchronise files/database to new server
6. Set up reverse proxy from old server to new server
7. Remove maintenance mode on new server
8. Change DNS entries to point to new server
Step 6 ensures that end users don't end up on the old server even though their DNS has resolved to the old server IP.
After this, keep monitoring the old server logs to see when traffic has stopped there. Then you can dismantle the old setup.
The reverse proxy is set up using the `proxy_pass` directive. If the end user's IP address is important information, you need to add it to the HTTP headers on the old server -> new server requests, and tell the new server to use the header value as the IP address.
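
A sketch of the step 6 proxy and the client-IP header handling described above, added as an example and not part of the original answer. The addresses (203.0.113.10 for the old server, 198.51.100.20 for the new one), the `example.com` name and the file paths are constructed placeholders, and the new server is assumed to be nginx built with `ngx_http_realip_module`.

```nginx
# --- Old server (placeholder address 203.0.113.10) ---
server {
    listen 443 ssl;
    server_name example.com;                        # placeholder site name
    ssl_certificate     /etc/nginx/ssl/example.com.crt;   # assumed path
    ssl_certificate_key /etc/nginx/ssl/example.com.key;   # assumed path

    location / {
        # Forward everything to the new server (placeholder address).
        proxy_pass https://198.51.100.20;

        # Keep the original Host so the new server selects the right vhost.
        proxy_set_header Host $host;

        # Overwrite, never append: any X-Real-IP sent by the client is
        # replaced with the address this server actually saw.
        proxy_set_header X-Real-IP $remote_addr;

        # Verify the new server's certificate against the site name, since
        # the hop between the two servers crosses the public network.
        proxy_ssl_server_name on;
        proxy_ssl_name $host;
        proxy_ssl_verify on;
        proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;  # assumed path
    }
}

# --- New server (placeholder address 198.51.100.20) ---
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/nginx/ssl/example.com.crt;   # copied in step 3
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    # Trust the header only when the connection comes from the old server.
    # Direct clients cannot then spoof their address by sending X-Real-IP.
    set_real_ip_from 203.0.113.10;
    real_ip_header   X-Real-IP;

    root /var/www/example.com;                      # assumed path
}
```

Once the old server is dismantled, remove the `set_real_ip_from` line so the new server no longer trusts that address for client-IP headers.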