wordpress-setup
This skill establishes and verifies connection to a WordPress site using either WP-CLI over SSH or the REST API, then stores authenticated credentials for ongoing management. Use it when initially connecting to a WordPress installation, setting up WP-CLI access, creating application passwords, or troubleshooting authentication and connectivity issues.
git clone --depth 1 https://github.com/jezweb/claude-skills /tmp/wordpress-setup && cp -r /tmp/wordpress-setup/plugins/wordpress/skills/wordpress-setup ~/.claude/skills/wordpress-setupSKILL.md
# WordPress Setup
Connect to a WordPress site and verify working access via WP-CLI or REST API. Produces a verified connection config ready for content management and Elementor editing.
## Workflow
### Step 1: Check WP-CLI
```bash
wp --version
```
If not installed, guide the user:
```bash
# macOS/Linux
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp
```
Also ensure the SSH extension is available (needed for remote sites):
```bash
wp package install wp-cli/ssh-command
```
### Step 2: Connect to the Site
**Option A: WP-CLI over SSH (preferred)**
```bash
wp --ssh=user@hostname/path/to/wordpress option get siteurl
```
Common patterns:
- Rocket.net: `wp --ssh=user@hostname/www/sitename/public option get siteurl`
- cPanel: `wp --ssh=user@hostname/public_html option get siteurl`
- Custom: Ask user for SSH user, host, and WordPress path
Test with a simple command first:
```bash
wp --ssh=user@host/path core version
```
**Option B: REST API with Application Password**
If SSH isn't available:
1. Navigate to `https://example.com/wp-admin/profile.php` (or use browser automation)
2. Scroll to "Application Passwords" section
3. Enter a name (e.g. "Claude Code") and click "Add New Application Password"
4. Copy the generated password (spaces are part of it but optional in auth)
Test the connection:
```bash
curl -s https://example.com/wp-json/wp/v2/posts?per_page=1 \
-u "username:xxxx xxxx xxxx xxxx xxxx xxxx" | jq '.[0].title'
```
### Step 3: Store Credentials
**For WP-CLI SSH** — create a `wp-cli.yml` in the project root:
```yaml
ssh:
sitename:
cmd: ssh -o StrictHostKeyChecking=no %pseudotty% user@hostname %cmd%
url: /path/to/wordpress
```
Then use: `wp @sitename option get siteurl`
**For REST API** — store in `.dev.vars`:
```
WP_SITE_URL=https://example.com
WP_USERNAME=admin
WP_APP_PASSWORD=xxxx xxxx xxxx xxxx xxxx xxxx
```
Ensure `.dev.vars` is in `.gitignore`. For cross-project use, store in your preferred secrets manager (environment variable, 1Password CLI, etc.).
### Step 4: Verify Full Access
Run a comprehensive check:
```bash
# Site info
wp @sitename option get siteurl
wp @sitename option get blogname
# Content access
wp @sitename post list --post_type=page --posts_per_page=5 --fields=ID,post_title,post_status
# Plugin status (check for Elementor)
wp @sitename plugin status elementor
# Theme info
wp @sitename theme status
```
### Step 5: Save Site Config
Create `wordpress.config.json` for other skills to reference:
```json
{
"site": "example.com",
"siteUrl": "https://example.com",
"accessMethod": "ssh",
"sshAlias": "sitename",
"wpPath": "/path/to/wordpress",
"hasElementor": true,
"elementorVersion": "3.x.x"
}
```
---
## Critical Patterns
### SSH Connection Issues
| Symptom | Fix |
|---------|-----|
| `Permission denied (publickey)` | Check SSH key: `ssh -v user@host` |
| `wp: command not found` via SSH | WP-CLI not in remote PATH — use full path: `/usr/local/bin/wp` |
| `Error: This does not appear to be a WordPress installation` | Wrong path — check `wp-path` argument |
| Timeout on large operations | Add `--ssh=user@host/path --allow-root` or increase SSH timeout |
### WP-CLI Aliases
Define aliases in `~/.wp-cli/config.yml` for frequently-accessed sites:
```yaml
@client1:
ssh: user@client1.example.com/www/public
@client2:
ssh: user@client2.rocketcdn.me/www/client2/public
```
Then: `wp @client1 post list`
### REST API Gotchas
- Application passwords require HTTPS (won't work on HTTP)
- Some security plugins block REST API — check for 401/403 responses
- Caching plugins may serve stale REST responses — use `?_=${timestamp}` cache buster
- Custom post types need `show_in_rest: true` to appear in API
---
## Reference Files
- `references/wp-cli-essentials.md` — SSH alias patterns, common flags, and troubleshootingHit the Cloudflare REST API directly for operations that wrangler and MCP can't handle well. Bulk DNS, custom hostnames, email routing, cache purge, WAF rules, redirect rules, zone settings, Worker routes, D1 cross-database queries, R2 bulk operations, KV bulk read/write, Vectorize queries, Queues, and fleet-wide resource audits. Produces curl commands or scripts. Triggers: 'cloudflare api', 'bulk dns', 'custom hostname', 'email routing', 'cache purge', 'waf rule', 'd1 query', 'r2 bucket', 'kv bulk', 'vectorize query', 'audit resources', 'fleet operation'.
Scaffold and deploy Cloudflare Workers with Hono routing, Vite plugin, and Static Assets. Describe project, scaffold structure, configure bindings, deploy. Use whenever the user wants to create a Worker project, set up Hono on Cloudflare, configure D1 / R2 / KV / Queues bindings, or troubleshoot Worker export syntax, API route conflicts, HMR issues, or deployment failures.
Generate Drizzle ORM schemas for Cloudflare D1 databases with correct D1-specific patterns. Produces schema files, migration commands, type exports, and DATABASE_SCHEMA.md documentation. Handles D1 quirks: foreign keys always enforced, no native BOOLEAN/DATETIME types, 100 bound parameter limit, JSON stored as TEXT. Use when creating a new database, adding tables, or scaffolding a D1 data layer.
Cloudflare D1 migration workflow: generate with Drizzle, inspect SQL for gotchas, apply to local and remote, fix stuck migrations, handle partial failures. Use when running migrations, fixing migration errors, or setting up D1 schemas.
Generate database seed scripts with realistic sample data. Reads Drizzle schemas or SQL migrations, respects foreign key ordering, produces idempotent TypeScript or SQL seed files. Handles D1 batch limits, unique constraints, and domain-appropriate data. Use when populating dev/demo/test databases. Triggers: 'seed database', 'seed data', 'sample data', 'populate database', 'db seed', 'test data', 'demo data', 'generate fixtures'.
Scaffold Hono API routes for Cloudflare Workers. Produces route files, middleware, typed bindings, Zod validation, error handling, and API_ENDPOINTS.md documentation. Use after a project is set up with cloudflare-worker-builder or vite-flare-starter, when you need to add API routes, create endpoints, or generate API documentation.
Build a full-stack TanStack Start app on Cloudflare Workers from scratch — SSR, file-based routing, server functions, D1+Drizzle, better-auth, Tailwind v4+shadcn/ui. Use whenever the user mentions TanStack Start, asks to scaffold a full-stack Cloudflare app with SSR, wants an SSR dashboard, or asks for a React 19 + Cloudflare Workers app with file-based routing and server functions — even if they don't name TanStack Start specifically. No template repo — Claude generates every file fresh per project.
Scaffold a full-stack Cloudflare app from the vite-flare-starter template — React 19 + Hono + D1+Drizzle + better-auth + Tailwind v4+shadcn/ui + TanStack Query + R2 + Workers AI. Run setup.sh to clone, configure, and deploy. Use whenever the user wants a batteries-included Cloudflare full-stack app, vite-flare-starter scaffold, or a React + Cloudflare app with auth + database + Workers AI ready to go.