This documentation set is designed for managing WordPress as a headless CMS using WP-CLI. The project includes:
- Quick WordPress installation with headless configuration
- Content management through command line
- GraphQL API integration
- Routine task automation
- Security and performance optimization
| File | Description |
|---|---|
wp-cli-guide.md |
Complete guide for installing and using WP-CLI with headless WordPress |
quick-setup.sh |
Automated installation script |
wp-cli-examples.md |
Command examples for various scenarios |
quick-start-checklist.md |
Step-by-step setup checklist |
cd www
bash ../docs/quick-setup.shwp core version
wp db check
wp plugin list --status=active# Test query
curl -X POST http://localhost/wp-headless/graphql \
-H "Content-Type: application/json" \
-d '{"query":"{posts{nodes{id,title}}}"}'wp-headless/
├── docs/ # English WP-CLI Documentation
│ ├── README.md # This file
│ ├── wp-cli-guide.md # Main guide
│ ├── quick-setup.sh # Setup script
│ └── wp-cli-examples.md # Command examples
├── .docs/ # Russian Documentation (internal)
├── www/ # WordPress Installation
│ ├── wp-config.php # Configuration
│ ├── wp-content/ # Content
│ │ ├── plugins/ # Plugins
│ │ └── themes/ # Themes
│ └── console/ # Custom login console
└── README.md # Main project README
The project is configured to work with MariaDB:
- Host:
127.0.0.1:3306 - User:
root - Password: empty (default)
- Database:
wordpress_headless
If you need to modify database settings, edit the quick-setup.sh file:
# Change these variables
DB_NAME="your_database"
DB_USER="your_user"
DB_PASS="your_password"
DB_HOST="127.0.0.1:3306"The project includes multiple security layers:
- Protected admin access:
/console/instead of standard/wp-login.php - Login attempt limits: 3 attempts per temporary link
- Rate limiting: 5 attempts per hour per IP
- File editing disabled:
DISALLOW_FILE_EDIT = true - XML-RPC disabled: Prevents attack vectors
- Comments closed: by default
# Enable additional protections
wp config set FORCE_SSL_ADMIN true --type=constant
wp config set WP_DEBUG false --raw
wp config set WP_DEBUG_LOG false --raw- WPGraphQL: Main GraphQL provider
- MYGraphQL: Custom plugin for field control
# Get posts
{
posts {
nodes {
id
title
content
}
}
}
# Get pages with meta fields
{
pages {
nodes {
id
title
pageFields {
key
value
}
}
}
}Recommended cron tasks for maintenance:
# Daily at 2:00 AM
0 2 * * * cd /path/to/www && wp transient delete --expired
# Weekly on Mondays at 3:00 AM
0 3 * * 1 cd /path/to/www && wp db optimize && wp post delete $(wp post list --post_type=revision --date_before="90 days ago" --format=ids)Use the provided scripts for automation:
# Full maintenance
bash docs/maintenance.sh
# Backup
bash docs/backup.sh
# Update
bash docs/update.sh# Generate test data
wp post generate --count=50 --post_type=post --post_status=publish
wp user generate --count=10
wp term generate --count=20 --taxonomy=category# Enable debugging
wp config set WP_DEBUG true --raw
wp config set WP_DEBUG_LOG true --raw
# View logs
tail -f wp-content/debug.logPull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
This project is licensed under the MIT License. See the LICENSE file in the project root.