wordpress_issues []

This is an old revision of the document!

Wordpress Permissions

Replace ${WP_ROOT} with the directory location of wordpress. If you are already in the wp document root, replace with a dot .

find ${WP_ROOT} -exec chown :apache {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;

Auto Install Plugins (without FTP/FTPs details)

vim /var/www/vhost/website/wp-config.php

define('FS_METHOD', 'direct');

Install Plugins with FTP (auto)

define('FTP_BASE', '/var/www/vhosts/example.com/httpdocs/');
define('FTP_CONTENT_DIR', '/var/www/vhosts/example.com/httpdocs/wp-content/');
define('FTP_PLUGIN_DIR ', '/var/www/vhosts/example.com/httpdocs/plugins/');
#define('FTP_PUBKEY', '/var/www/vhosts/example.com/httpdocs/.ssh/id_rsa.pub');
#define('FTP_PRIKEY', '/var/www/vhosts/example.com/httpdocs/.ssh/id_rsa');
define('FTP_USER', 'FTPusername');
define('FTP_PASS', 'FTPpassword');
define('FTP_HOST', 'localhost');
define('FTP_SSL', false);

Changing Site URL

Check the current URL, first select the database with the 'use' command (eg. use live_database;):

SELECT * FROM wp_options WHERE option_name = 'siteurl' OR option_name = 'home' ;

Now we can update the URL:

UPDATE wp_options SET option_value = 'http://notes.lukeslinux.co.uk' WHERE option_name = 'siteurl' OR option_name = 'home';

Deterring wp-login attacks

Add the following to your htaccess.
The following code stops any ip address posting to your wp-admin page that does not have a referrer or user-agent set.
An example log entry is:

x.x.x.x - - [23/Aug/2016:17:25:40 +1000] "POST /wp-login.php HTTP/1.0" 403 214 "-" "-"

Code:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP_REFERER} !^https://(.*)?reaa\.com\.au [NC]
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteRule ^(.*)$ - [F,L]
</IfModule>