1. Home
  2. Docs
  3. Engineering
  4. WordPress


Installation & Server Deployment Configuration

See WordOps.

Mandatory Plugins

All WordPress sites (including About Lovia) and WooCommerce sites must have the following plugins:

  1. nginx helper. For purging nginx page cache (backed by Redis).
  2. Redis Object Cache. Support for object cache, backed by Redis.
  3. UpdraftPlus. For doing daily (database) and weekly (files) backups to our AWS S3 backup bucket.
  4. Yoast SEO. SEO helpers including Facebook OpenGraph support.

miniOrange Firebase

🔗 miniOrange Firebase Plugin

TODO: Due to privacy reasons, default username should not be from email. It’s much better to use several starting characters then append n-digit random number. May allow user to change the username to something else.


🔗 How to Create an Intranet for Small Businesses with WordPress (Easy)

Also consider: BuddyPress Username Changer / Username Changer

Useful Plugins

PluginUsage Notes
User Role EditorAssign permissions to roles. For example, Lovia allows Contributors the “upload_files” permission.
RedirectionManage URL/page redirects.
WPFormsForm builder for contact, payment, survey, newsletter subscription, registration, etc.
ElementorPage builder.
Astra Pro (Premium)Premium theme/addons for the base free Astra theme.
Advanced GutenbergNeeded to have image lightbox for Gallery/Carousel.
Ultimate Addons for GutenbergAdditional Gutenberg widgets.
Ultimate Addons for Elementor (Premium)Additional Elementor widgets, including for WooCommerce.
Premium Starter TemplatesStarter templates for Astra.
Convert Pro (Premium)Conversion optimization tools.
Post Type SwitcherChange Post to Page and vice versa, or other Post Types.
Elementor Pro
Elementor Extras
WP Rocket
Premium Addons Pro
Crocoblock (18 Jet plugins)
Rank Math (free)Supports WooCommerce. Replaces: Yoast (Pro), Schema Pro (Premium), SEO Press Pro
MultilingualPress (Premium) (vs WPML vs Polylang)Alternative: Bilingual Linker, Multisite Language Switcher
Pods FrameworkReplaces: Meta Box / ACF
Nested Pages
Easy Table of ContentsInclude Table of Contents automatically in a post or page. Used by About Lovia for non-knowledge base pages.
Simple Image SizesAdds custom image sizes for use in Gutenberg post editor or Elementor image widgets.
Temporary Login without PasswordTo give admin access (temporary) to third-party vendor.

Replace WP User Avatar (ProfilePress) with simple-local-avatars

sudo -H -u www-data wp plugin deactivate wp-user-avatar
sudo -H -u www-data wp plugin delete wp-user-avatar
sudo -H -u www-data wp plugin install simple-local-avatars
sudo -H -u www-data wp plugin activate simple-local-avatars
sudo -H -u www-data wp cache flush


Kadence WooCommerce Email DesignerEasily customize the default transactional WooCommerce email templates
Dokan Multi-VendorFor marketplace / multiple vendors in one WooCommerce site. Facebook Group:

FusionAuth SSO with Open ID Connect

In FusionAuth’s application configuration, configure authorized redirect URIs as follows:


Dokan Multi-Vendor

Change vendor welcome setup wizard:

Knowledge Base Plugins

Needed for About Lovia site. Is also a good use case to integrate with FAQ/knowledge base chatbot.



  • BWL Knowledge Base. $29 – $145 extended.
  • Knowledge Base. $39 – $195 extended.
  • Heroic Knowledge Base. $129 for single site – $399 for 10 websites.
  • Knowledge Center. Freemium, $99 single – $799 for 10 sites.
  • MinervaKB. $35 – $92.
  • Echo Knowledge Base [popular]. $23-30/site.
  • WP Knowledgebase [free].
  • Helpie WP. $49.
  • BetterDocs (from the developer of Essential Addons for Elementor). Pro includes chatbot. $39-49/year.
  • weDocs (currently free including the ratings feature, from the developer of Dokan). Used by weDevs themselves.

AWS CloudFront (CDN) + AWS WAF (Web Application Firewall)

See CloudFront.

Security: Wordfence Plugin, Disable File & Plugin Editing

  1. Install & activate Wordfence plugin
(pushd && sudo -H -u www-data wp plugin install wordfence && sudo -H -u www-data wp plugin activate wordfence)

2. Go to settings to set the alert email ([email protected] which is forwarded to Hendy Irawan)

3. Enable auto-update.

4. Enable optimize NGINX.

5. Disallow file edit and file/plugin modifications:

In /var/www/domain.tld/wp-config.php:

define( 'DISALLOW_FILE_EDIT', true );
/* disable adding plugins */
define( 'DISALLOW_FILE_MODS', true );

Reference: FAQ: My site was hacked

Updating Plugins, Theme, and WordPress Core

Read timeouts will break WordPress update using web UI. Especially if you use CloudFront, which limits origin read timeout to 30 seconds, although it can be extended to 60 seconds (which is still not enough). The best way to update WordPress is by using WP CLI:

update_plugins_themes() {
  echo ============== Updating: $1 =============
  cd "/var/www/$1/htdocs"
  sudo -H -u www-data wp theme update --all
  sudo -H -u www-data wp plugin update --all
  # Below needed if you use WooCommerce:
  # sudo -H -u www-data wp wc update
  sudo -H -u www-data wp core update
  sudo -H -u www-data wp core update-db
  sudo -H -u www-data wp language core update
  sudo -H -u www-data wp cache flush
  echo ============== Finished: $1 =============

For updating multiple sites, create ~/update-plugins-themes.php with contents similar to above for each site.

If you get: “Warning: Failed to create directory ‘/var/www/.wp-cli/cache/’: mkdir(): Permission denied.” Solution is:

sudo mkdir /var/www/.wp-cli
sudo chown -R www-data:ubuntu /var/www/.wp-cli
sudo chmod -R g+w /var/www/.wp-cli

Remote Development with Visual Studio Code

To edit plugins and themes on-site, you can use Remote-SSH extension.

Preparation: You will need:

  1. Add ubuntu user to www-data group.
  2. chgrp the folder to www-data, and set chmod -R g+w.
  1. Install Remote-SSH extension.
  2. Edit your ~/.ssh/config file.
  3. In VS Code, Ctrl+Shift+P > Remote-SSH: Connect to remote host…
  4. Choose your host (detects your ~/.ssh/config file). Wait until it connected successfully.
  5. Click Open Folder. Choose/type your folder, e.g. /var/www/
  6. Now you can work on the folder.

Database Diagram

The diagram below is a standard diagram that is already installed on wordpress.

Table Overview

Table NameDescription
wp_commentmetaEach comment features information called the meta data and it is stored in the wp_commentmeta
wp_commentsThe comments within WordPress are stored in the wp_comments table.
wp_linksHolds information related to the links entered into the Links feature of WordPress.
The Options set under the Administration > Settings panel are stored in the wp_options table. See Option Reference for option_name and default values.
wp_postmetaEach post features information called the meta data and it is stored in the wp_postmeta. Some plugins may add their own information to this table.
wp_postsThe core of the WordPress data is the posts. It is stored in the wp_posts table. Also Pages and navigation menu items are stored in this table.
wp_termsThe categories for both posts and links and the tags for posts are found within the wp_terms table.
wp_termmetaEach term features information called the meta data and it is stored in wp_termmeta.
wp_term_relationshipsPosts are associated with categories and tags from the wp_terms table and this association is maintained in the wp_term_relationships table. The association of links to their respective categories are also kept in this table.
wp_term_taxonomyThis table describes the taxonomy (categorylink, or tag) for the entries in the wp_terms table.
wp_usermetaEach user features information called the meta data and it is stored in wp_usermeta.
wp_usersThe list of users is maintained in table wp_users.


How can we help?