WordPress

Installation & Server Deployment Configuration

See WordOps.

Mandatory Plugins

All WordPress sites (including About Lovia) and WooCommerce sites must have the following plugins:

1. nginx helper. For purging nginx page cache (backed by Redis).
2. Redis Object Cache. Support for object cache, backed by Redis.
3. UpdraftPlus. For doing daily (database) and weekly (files) backups to our AWS S3 backup bucket.
4. Yoast SEO. SEO helpers including Facebook OpenGraph support.

miniOrange Firebase

🔗 miniOrange Firebase Plugin

TODO: Due to privacy reasons, default username should not be from email. It’s much better to use several starting characters then append n-digit random number. May allow user to change the username to something else.

BuddyPress

🔗 How to Create an Intranet for Small Businesses with WordPress (Easy)

Also consider: BuddyPress Username Changer / Username Changer

Useful Plugins

Plugin	Usage Notes
User Role Editor	Assign permissions to roles. For example, Lovia allows Contributors the “upload_files” permission.
Redirection	Manage URL/page redirects.
WPForms	Form builder for contact, payment, survey, newsletter subscription, registration, etc.
Elementor	Page builder.
Astra Pro (Premium)	Premium theme/addons for the base free Astra theme.
Advanced Gutenberg	Needed to have image lightbox for Gallery/Carousel.
Ultimate Addons for Gutenberg	Additional Gutenberg widgets.
Ultimate Addons for Elementor (Premium)	Additional Elementor widgets, including for WooCommerce.
Premium Starter Templates	Starter templates for Astra.
Convert Pro (Premium)	Conversion optimization tools.
Post Type Switcher	Change Post to Page and vice versa, or other Post Types.
Elementor Pro
Elementor Extras
WP Rocket
Premium Addons Pro
Crocoblock (18 Jet plugins)
Rank Math (free)	Supports WooCommerce. Replaces: Yoast (Pro), Schema Pro (Premium), SEO Press Pro
MultilingualPress (Premium) (vs WPML vs Polylang)	Alternative: Bilingual Linker, Multisite Language Switcher
Pods Framework	Replaces: Meta Box / ACF
Nested Pages
Easy Table of Contents	Include Table of Contents automatically in a post or page. Used by About Lovia for non-knowledge base pages.
Simple Image Sizes	Adds custom image sizes for use in Gutenberg post editor or Elementor image widgets.
Temporary Login without Password	To give admin access (temporary) to third-party vendor.

Replace WP User Avatar (ProfilePress) with simple-local-avatars

sudo -H -u www-data wp plugin deactivate wp-user-avatar
sudo -H -u www-data wp plugin delete wp-user-avatar
sudo -H -u www-data wp plugin install simple-local-avatars
sudo -H -u www-data wp plugin activate simple-local-avatars
sudo -H -u www-data wp cache flush

WooCommerce

Plugin	Description
Kadence WooCommerce Email Designer	Easily customize the default transactional WooCommerce email templates
Dokan Multi-Vendor	For marketplace / multiple vendors in one WooCommerce site. Facebook Group: https://www.facebook.com/groups/dokanMultivendor

FusionAuth SSO with Open ID Connect

In FusionAuth’s application configuration, configure authorized redirect URIs as follows:

• https://about.lovia.id/wp-admin/admin-ajax.php?action=openid-connect-authorize
• https://about.lovia.id/wp-login.php?loggedout=true&wp_lang=en_US
• https://about.lovia.id/wp-login.php?loggedout=true&wp_lang=id_ID

Dokan Multi-Vendor

Change vendor welcome setup wizard: https://nayemdevs.com/how-to-change-vendor-setup-wizard-text-in-dokan-multivendor/

Knowledge Base Plugins

Needed for About Lovia site. Is also a good use case to integrate with FAQ/knowledge base chatbot.

Comparison/reviews:

• https://www.formget.com/knowledge-base-wordpress-plugins/
• https://wpleaders.com/wordpress-documentation-knowledge-base-plugins/

Candidates:

• BWL Knowledge Base. $29 – $145 extended.
• Knowledge Base. $39 – $195 extended.
• Heroic Knowledge Base. $129 for single site – $399 for 10 websites.
• Knowledge Center. Freemium, $99 single – $799 for 10 sites.
• MinervaKB. $35 – $92.
• Echo Knowledge Base [popular]. $23-30/site.
• WP Knowledgebase [free].
• Helpie WP. $49.
• BetterDocs (from the developer of Essential Addons for Elementor). Pro includes chatbot. $39-49/year.
• weDocs (currently free including the ratings feature, from the developer of Dokan). Used by weDevs themselves.

AWS CloudFront (CDN) + AWS WAF (Web Application Firewall)

See CloudFront.

Security: Wordfence Plugin, Disable File & Plugin Editing

1. Install & activate Wordfence plugin

(pushd lovia.life/htdocs && sudo -H -u www-data wp plugin install wordfence && sudo -H -u www-data wp plugin activate wordfence)

2. Go to settings to set the alert email ([email protected] which is forwarded to Hendy Irawan)

3. Enable auto-update.

4. Enable optimize NGINX.

5. Disallow file edit and file/plugin modifications:

In /var/www/domain.tld/wp-config.php:

define( 'DISALLOW_FILE_EDIT', true );
/* disable adding plugins */
define( 'DISALLOW_FILE_MODS', true );

Reference: FAQ: My site was hacked

Updating Plugins, Theme, and WordPress Core

Read timeouts will break WordPress update using web UI. Especially if you use CloudFront, which limits origin read timeout to 30 seconds, although it can be extended to 60 seconds (which is still not enough). The best way to update WordPress is by using WP CLI:

#!/bin/bash
update_plugins_themes() {
  echo ============== Updating: $1 =============
  cd "/var/www/$1/htdocs"
  sudo -H -u www-data wp theme update --all
  sudo -H -u www-data wp plugin update --all
  # Below needed if you use WooCommerce:
  # sudo -H -u www-data wp wc update
  sudo -H -u www-data wp core update
  sudo -H -u www-data wp core update-db
  sudo -H -u www-data wp language core update
  sudo -H -u www-data wp cache flush
  echo ============== Finished: $1 =============
  echo
}

For updating multiple sites, create ~/update-plugins-themes.php with contents similar to above for each site.

If you get: “Warning: Failed to create directory ‘/var/www/.wp-cli/cache/’: mkdir(): Permission denied.” Solution is:

sudo mkdir /var/www/.wp-cli
sudo chown -R www-data:ubuntu /var/www/.wp-cli
sudo chmod -R g+w /var/www/.wp-cli

Remote Development with Visual Studio Code

To edit plugins and themes on-site, you can use Remote-SSH extension.

Preparation: You will need:

1. Add ubuntu user to www-data group.
2. chgrp the folder to www-data, and set chmod -R g+w.

1. Install Remote-SSH extension.
2. Edit your ~/.ssh/config file.
3. In VS Code, Ctrl+Shift+P > Remote-SSH: Connect to remote host…
4. Choose your host (detects your ~/.ssh/config file). Wait until it connected successfully.
5. Click Open Folder. Choose/type your folder, e.g. /var/www/lovia.life/htdocs/wp-content/plugins.
6. Now you can work on the folder.

Database Diagram

The diagram below is a standard diagram that is already installed on wordpress.

Table Overview

Table Name	Description
wp_commentmeta	Each comment features information called the meta data and it is stored in the wp_commentmeta .
wp_comments	The comments within WordPress are stored in the wp_comments table.
wp_links	Holds information related to the links entered into the Links feature of WordPress.
wp_options	The Options set under the Administration > Settings panel are stored in the wp_options table. See Option Reference for option_name and default values.
wp_postmeta	Each post features information called the meta data and it is stored in the wp_postmeta. Some plugins may add their own information to this table.
wp_posts	The core of the WordPress data is the posts. It is stored in the wp_posts table. Also Pages and navigation menu items are stored in this table.
wp_terms	The categories for both posts and links and the tags for posts are found within the wp_terms table.
wp_termmeta	Each term features information called the meta data and it is stored in wp_termmeta.
wp_term_relationships	Posts are associated with categories and tags from the wp_terms table and this association is maintained in the wp_term_relationships table. The association of links to their respective categories are also kept in this table.
wp_term_taxonomy	This table describes the taxonomy (category, link, or tag) for the entries in the wp_terms table.
wp_usermeta	Each user features information called the meta data and it is stored in wp_usermeta.
wp_users	The list of users is maintained in table wp_users. .