Skip to main content

WordPress

Recipe Features Explained

Let's breakdown the recipe to deploy a new WordPress site.

See Full Deployment Script 
source: https://wordpress.org/latest.zip#wordpress
features:
  - mysql
nginx:
  root: public_html
  fastcgi: "on"
  locations:
    - match: /
      try_files: $uri $uri/ /index.php$is_args$args
    - match: ~ /xmlrpc\.php$
      deny: all
commands:
  - cp wp-config-sample.php wp-config.php
  - sed -i "s/database_name_here/${DATABASE}/g" wp-config.php
  - sed -i "s/username_here/${USERNAME}/g" wp-config.php
  - sed -i "s/password_here/${PASSWORD}/g" wp-config.php
  - sed -i "s/utf8/utf8mb4/g" wp-config.php
  - curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
  - mkdir -p ~/.local/bin && mv wp-cli.phar ~/.local/bin/wp && chmod +x $_
source: https://wordpress.org/latest.zip#wordpress
features:
  - mysql

This script extracts WordPress to ~/public_html and sets up a new database.

nginx:
  root: public_html
  fastcgi: "on"
  locations:
    - match: /
      try_files: $uri $uri/ /index.php$is_args$args
    - match: ~ /xmlrpc\.php$
      deny: all

This script declare NGINX Configuration. It means three thing:

  1. fastcgi: "on" means PHP processing is turned on.

  2. match: / means for all requests, do try_files: $uri $uri/ /index.php$is_args$args. It means try static files first then process root /index.php if nothing found.

  3. match: ~ /xmlrpc\.php$ means for requests to xmlrpc.php, do deny: all. This blocks the most common vector from DoS attack.

commands:
  - cp wp-config-sample.php wp-config.php
  - sed -i "s/database_name_here/${DATABASE}/g" wp-config.php
  - sed -i "s/username_here/${USERNAME}/g" wp-config.php
  - sed -i "s/password_here/${PASSWORD}/g" wp-config.php
  - sed -i "s/utf8/utf8mb4/g" wp-config.php

This script auto configure the database connection for WordPress so you don't have to tell them during installation.

commands:
  - curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
  - mkdir -p ~/.local/bin && mv wp-cli.phar ~/.local/bin/wp && chmod +x $_

This installs WP CLI. WP CLI is a utility to perform maintenance tasks for WordPress using SSH commands.

Using WP CLI

WP-CLI Documentation. WP CLI is a convenient tool to manage WordPress without using the site. This can be accessed via SSH.

Reinstall WordPress

If you believe your WordPress core files is altered you need to reinstall it.

wp core download --skip-content --force

Reference: https://developer.wordpress.org/cli/commands/core/download/

Reset User Password

If you forget your admin password you can reset it. First, find your username with wp user list then reset it with wp user reset-password.

wp user list
wp user reset-password '<username>' --skip-email --show-password