forcing deactivating of plugins via mysql

 In the WordPress database, you find there's a table called wp_options inside that table is an option called active_plugins . You can see it by typing: mysql> describe wp_options; This will show the following structure: +--------------+-----------------+------+-----+---------+----------------+ | Field        | Type            | Null | Key | Default | Extra          | +--------------+-----------------+------+-----+---------+----------------+ | option_id    | bigint unsigned | NO   | PRI | NULL    | auto_increment | | option_name  | varchar(191)    | NO   | UNI |         |                | | option_value | longtext        | NO   |     | NULL    |                | | autoload     | varchar(20)     | NO   | MUL | yes     |                | +--------------+-----------------+------+-----+---------+----------------+ The relevant option is called active_plugins , so to see its content, type: mysql> select * from wp_options where option_name = "active_plugins"; This will retu

turning on debug mode

Turn debug mode on edit your wp-config.php file and find define('WP_DEBUG', false); change to define('WP_DEBUG', true); General causes of bugs 1. Dodgy plugins/templates. Remove them all and add them back one at a time. Same for themes 2. Config errors. Replace the config.php file with the template and reinstate it. Obviously copy/paste the login details for the database out before you do that, so when you recreate it, it asks for them again. 3. Code incompatibilities . You have some old code somewhere (e.g. an old php file) which was not upgraded and is now incompatible with the new php in the new issue of wordpress/plugin/template etc 4. Permission errors.  chmod -R 755 /var/www/mysite chown -R www-data:www-data /var/www/mysite assuming your installation is located in /var/www/mysite. On a single-site server it will be /var/www/html "There has been a critical error on your website" = problem 3 above, usually.

Securing wordpress

 Wordpress is very vulnerable to attacks. I suggest the following four steps. 1. Install Sucuri plugin 2. Install Wordfence plugin 3. Install IQ block country and block all countries except your own unless you need to have customers from overseas.  4. Delete the wp-login.php file (or rather, keep a copy of it somewhere else), and put it into the folder when you need to login, but when you don't need to login, delete it. There are plugins that hide the login, which you can also use, but I find that quite often they don't work. I've been locked out of my own site many times from those plugins, hence the crude approach of just deleting the login script.

Resetting admin password

 mysql> SELECT ID, user_login, user_pass FROM wp_users;  mysql>  UPDATE wp_users SET user_pass=MD5('password') WHERE ID = '1';

enabling web interface updates over FTP or directly

Wordpress can be updated on the command line or the graphical side in the web browser. But in order to do that you need write permission on the server as the user www-data (the webs server), or, ftp access to upload files from to the server you are hosted at. Hence, you can either set the website to be owned by the webserver (and risk that vulnerabilities to the webserver affect your website), or you can enable FTP. The default is to let the webserver (www-data) have write permission: chown -R www-data:www-data /var/www/wordpress/ chmod -R 775 /var/www/wordpress/ To enable FTP, create a user specifically for the purpose on the server's FTP service and give them ownership of the wordpress folder. Put the following code into the wp-config.php file define( 'FS_METHOD', 'direct' ); define( 'FTP_BASE', '' ); define( 'FTP_CONTENT_DIR', ' /www/wordpress/wp-content/' ); define( 

updating wordpress on the command line and automating updates

If you have access to your host server it is much easier to update on the command line or use its crontab file to keep your site updated. 1. Set the web user - or whoever will need write access to the wordpress installation folder - to have /bin/bash as their shell. For example, like so: sudo chsh www-data -s /bin/bash The above assumes you're on ubuntu linux and the user is www-data. 2. Install the wp package. wget chmod u+x wp-cli.phar mv wp-cli.phar /usr/local/bin/wp wget cat wp-completion.bash >> ~/.bashrc 3. Run the update sudo -u www-data -i -- wp core update --path=/var/www/website/ 4. change the shell back chsh www-data -s /usr/sbin/nologin 5. You can put all this into a script and then automate it under cron: man crontab 5

wordpress can't login / can't access the database

 Sometimes you get an error with a wordpress site where it says 'wordpress can't access the database' That's because it's not using the native mysql password. If your wordpress database is called 'wordpress' and your user is called 'user' and your password is 'password', login as root on mysql and type: ALTER USER 'user'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password'; Check the config file has the right password in it, probably /var/www/wordpress/wp-config.php That will fix it.