Managing WordPress

Update: Since writing this post, WordPress has added a nice, built-in interface for updating both itself and plugins (if they’re installed from the official WP directory). There are also database backup plugins that apparently work well. I’ve not tried any of these things, however. I still use this method and it has never failed me. (This blog no longer runs on WordPress, but I do still maintain several WordPress blogs for work and for fun.)

Since I’ve been managing a WordPress MU install for Contexts Blogs, I’ve picked up a few tips for the best way to manage WordPress. The way 90% of WordPress blogs are installed and managed (maybe more than that) is either 1) downloading the .zip file from wordpress.org or 2) using some sort of installer script through a web host (the one I’ve used is called “fantastico”). The problem with both of these is that upgrades are difficult: web hosts’ scripts don’t offer upgrades (none that I know of anyway), so manually FTP’ing into the site and overwriting all the old files with the new ones is the way most people upgrade…if they upgrade at all. Additionally, one of Wordpress’ strengths is it’s extensibility: using Plugins, you can do pretty much anything with your site. Again, though, if you don’t stay on top of upgrading plugins, they may just break when, and if, you upgrade WordPress. Not upgrading is a problem: just follow Blogsecurity.net to see the importance of keeping everything up-to-date. Additionally, most people don’t have backups of their blog, so if an upgrade does hose their site, they’re screwed.

Fortunately, there’s a much better way to do it. In fact, from what I can tell, this other option is the way the developers of WordPress do it. Unfortunately, it’s quite geeky and has a bit of a learning curve. If you have some very basic unix shell skills, though, and develop some good habits about updates & plugins, you can make managing WordPress much more manageable. Plus, these are skills that transfer nicely to other tasks: these are good things to know in the world of computers and this is a nice, concrete project to give you an introduction.

In short, here’s what you need to do:

  1. Get shell access from your (unix-based) web host. If they won’t give this to you, get a new web host that doesn’t suck.
  2. Use subversion, a version control system, for installing & updating Wordpress.
  3. Use a simple shell script, run nightly as a cron job, to backup your wp files and your database.
  4. Use an RSS reader to subscribe to feeds for WP & all your plugins to keep track of updates. Some plugins even have subversion access as well.

1. Shell access

If you don’t know anything about a Unix command line, this will be a huge barrier to using this method. In fact, it is at this point that you may close the browser window and say, “Forget it - I can’t believe the WordPress people haven’t made a better upgrading system yet.” You’re probably justified in feeling that way. On the other hand, learning Unix shell basics is a bit like learning basic HTML: no one who interacts with and on the web will ever regret learning HTML. Likewise, no one who does any kind of system administration, especially on remote servers like your web host, ever really regrets learning Unix basics. You may not use them much, and you may not like them—but they’re very handy and open a lot of doors to you. There are a lot of ways to learn, such as the fun, and free, online book Unix for the Beginning Mage. Google around though: there are many more.

Ok, so either you’re off to learn some mad Unix skillz, you’ve got them already or you’ve left me entirely. Onward…

2. Subversion

Subversion is a version control system that programmers use to manage their source code. Fortunately, to use for this situation, you barely need to know any subversion at all: just a few simple commands. First, navigate to the directory you want to install wordpress in and run this command:

$ svn list http://svn.automattic.com/wordpress/tags

That will list all the versions of wordpress. Find the most recent version (as of this writing, 2.5.1) and run this:

$ svn checkout http://svn.automattic.com/wordpress/tags/2.5.1 .

This will copy all the files into your current directory. (That’s why the “.” at the end is important.)

Now in a few months or weeks or days when WordPress gets updated (here we’ll pretend 2.5.2 is out), all you have to do is cd to your wordpress directory again and issue one command to “switch” from the “2.5.1” tag to the “2.5.2” tag:

$ svn switch http://svn.automattic.com/wordpress/tags/2.5.2

After that, just run the upgrade script from your browser at wp-admin/upgrade.php. (You can do this every time, but you’ll only need to do it if the database version changes: just watch wp-includes/version.php for changes.)

Really that’s it. Of course, the output you get from these commands may not mean much to you. To really understand what you’re doing, just read the first few chapters of Version Control with Subversion, another free online book.

To get a more detailed introduction to using Wordpress with Subversion, including details on how to turn an existing blog into a subversion-managed blog, read the official guide at wordpress.org.

3. Backups

Ok, so now upgrading WordPress is under control, what about setting up regular backups. The easiest way to do this (assuming, like we have this whole post, that you’re now comfortable with a Unix command line) is to write a simple shell script that will a) backup your files, and b) backup your database and then schedule it to run daily with cron. So:

First, Here is a shell script I put together for backing up both your wp files & database. Edit all the variables at the top of the script correctly and it should make a timestamped backup archive of all your files & database in a backup directory of your choosing. Rather than overwriting the old backup each night, I have it set to save backups for three nights (so every time you run the script it looks for archives older than three days and removes them). This is an approach that makes sense for me given a) the amount of insurance I want to have in case something goes wrong, b) the storage space I have available to me and the relatively small size of my blog’s wp-content directory. This may not work as well for you.

So run the script interactively at the prompt and make sure everything is working and then you can schedule it with cron by typing crontab -e to edit your crontab. If you’re not familiar with cron, just google “cron tutorial” and you’ll find a million good introductions. Like anything in Unix, scheduling something in cron is just a matter of editing a text file. The challenge is just figuring out the format of the damn text file! Here’s a sample:

# m h  dom month dow command
00 2 * * * /home/jon/bin/wpbu >> /home/jon/backups/wpbu-log.txt

So the first five things in there, 00 2 * * *, tell cron when to run (in this case daily at 2am) and the last part is the command to run. So I’ve saved my backup script to ~/bin and called it wpbu. I also direct the output of the command to a text file. This might explain some of the echo commands in the script now: it makes for an easy to read log file to check and make sure your backup actually worked.

(So this leaves you with automated nightly updates of your blog, saving three days worth of backups. I also have my home machine ssh into my webhost once a week and grab the most recent backup as well with this script. Just fill in the variables and schedule it in cron. To have it only run on Sundays at 12:00, for example, use 00 12 * * 0.)

4. Keep up-to-date

The next thing to do is to keep up-to-date on when WordPress is updated (subscribe to the RSS feed for the WordPress development blog) as well as any plugins you may use. But when picking out plugins, there are a few things to look for:

Enjoy!