How to exclude wordpress from magento root - wordpress

I have a magento store running on name.pippo.com
Now I am considering to install wordpress for blogging.
Since I would like to integrate magento + wordpress as a fully integrate system (maybe with magento fishpig extension), i would like to knwo how to obtain same result but installing wordpress in a subfolder of my TLD, i.e. www.pippo.com/wp
can i Do that?
The main reason is to have both system separate and avoiding magento system backup to back up wordpress too. I would like to have magento on its own, in a thirdlevel domain keeping the magento installation as much clean as I can.
thank you very much, I hope i was clear. I appreciate any advise.

This is possible but it makes no sense and would take a bit of hacking together. This is one of those situations where if you have to ask how to do it, you probably won't be able to do it.
My advice would be to integrate WordPress normally and just have WP as part of your backup.
Keep WP as lean as possible, install few plugins and only have 1 theme installed. If you want to be really secure, limit access to your WP Admin by IP address and ensure all permissions are set restrictively.

Yes, you can made sub folder in your TLD and as you know the fishpig wordpress integration in this extension you can make a separate database for wordpress or you can merge wordpress database to magento database and you can take both backup separately.

Related

AWS Lightsail WordPress Multisite plugins require FTP?

I have a WordPress Multisite running on a relatively new Amazon Web Services (AWS) Lightsail instance, based on a Bitnami image (provided through AWS Lightsail) running a LAMP stack, based on Debian.
Until recently, plugins installed through the WordPress multisite Administrator Dashboard installed and ran good. Worked great before, no problems. Now, for some reason, attempting to install any WordPress plugin surfaces a dialog requiring FTP credentials be provided. There's a screenshot of the WordPress multisite dialog asking for FTP credentials at the end of this message.
I'm thinking this - new - demand to provide FTP credentials when adding a WordPress plugin is happening due to permissions. Naturally, I'd rather not need to install WordPress plugins using FTP.
So, I have two questions:
What settings were accidentally - somehow - changed to cause WordPress to now produce this new requirement asking for FTP credentials when installing any WordPress plugin?
How to I fix WordPress so that plugins can be installed without FTP?
I did see many solutions for fixing permissions on the Internet, except since I'm new to AWS, Linux (Debian) & WordPress I'd like to use this opportunity to learn how this situation happened, while learning how to fix the hiccup. Other than using a few new plugins, which installed & ran fine without FTP, I have not made any edits to any internal WordPress files.
The only chance to change permissions might - maybe - have happened when setting-up users within my AWS account, including setting-up of a Yubico key with key-pairs --> I don't think that security change would influence the LAMP stack running the WordPress multisite, but I wanted to offer information that might - maybe - related to security changes influencing why, now, adding WordPress plugins requests FTP credentials.
Thanks in advance, everybody. Thank you. :)
WordPress multisite dialog asking for FTP credentials
I tried to add many, many WordPress plugins to confirm that every WordPress plugin now asks for FTP credentials for any new plugin.
I have looked at many Internet posts explaining how to change WordPress & Linux permissions, along with posts explaining how to change WordPress configuration files to not ask for FTP when installing new plugins. I have not acted on these many suggestions since I'm cautious & careful --> I'm ready to study months & months becoming a Linux, WordPress, and supporting technologies expert, but at this stage since I'm new to all-of-the-above, I'm reluctant to make any changes until I fully understand the technologies (after making this post, I will make copies of WordPress configuration-files to test changes that can be undone, but I wanted to see whether StackOverflow might help me learn what happened in the first place, while learning how to correctly fix these issues.
I pay for AWS Premium Support --> I've sent a message to AWS Premium Support, but so far have not heard back from AWS.

Would one-click installation delete previous website?

I am helping a friend build a simple Wordpress website, their current website is with a hosting and domain service called https://www.icuk.net/.
The website is very poorly built on this platform. I told them I'd make a website for free on WordPress as I have some experience with drag and drop WordPress website builders.
My question is, if I use the platform's one-click WordPress installation, does it automatically delete the website that was previously using the domain and hosting? If so, could anyone explain in layman's terms how I would go about backing it up, as it's always better to be safe than sorry.
I would be hesitant to do this, personally. I believe you can use the one click service to uninstall, at which point you can install WP again. A better option, however, if WP is already installed, would be to just change the theme, deactivate and delete any unwanted plugins, and then delete (or change to draft if you may want any of the content for your new development) any unwanted posts or pages. A current version of WP is a current version of WP, thus there is no reason to reinstall. Once you change the theme, remove the posts and pages, and remove the plugins, you are essentially back to a new install. Maybe do that instead?

How to manually back up wordpress website

I have never used wordpress before, My boss has given me access to a site which was created using wordpress. then He asked me how I am going to make sure I don't break the site accidentally, I told him I would create a backup on my local computer so that all my changes can be restored if I mess up.
I have the wordpress dashboard up. How do I back up EVERYTHING, I hear there are two separate things I need to back up? someone please help me.
PS: I don't think he would like me to do this with out the use of additional plugins.
There are two separate things:
Your website database. Simply export all the MySQL tables from the database, which is dedicated to your site.
The site files, everything you've got under WordPress folder, /wp-includes, /wp-content, /wp-admin directories and all files.
This should do it all. You can test on your localhost to make sure it's everything that's necessary.
You can backup your WordPress either from your hosting account (preferable) or from your WP dashboard.
You need to backup two things - all the files (the root of your Wordpress installation) and the database for your WP installation.
Since you only have access to the dashboard, you have to use plugin for this.
Two of my favorite free backup plugins are:
BackupWordpress - https://wordpress.org/plugins/backupwordpress/
BackWPup - https://wordpress.org/plugins/backwpup/
They are intuitive and easy to work with, so you shouldn't have issues.
If you go to the dashboard go to "tools" in the left toolbar. Select "export". On the export page you can report that you want to export "all content". This will get you the items that you need from the server.
Then you need to install wordpress to your machine. You can download that from: https://wordpress.org/download/
Once you have that on your machine you also need a local server to run it and test it. I like WAMP, but it partially depends on your operating system. I suggest the following video to get you up to speed on how to get the localhost set up and running: https://www.youtube.com/watch?v=snFzbPm_RUE
Hope this helps!

Can WordPress Multisite work like a regular site?

I'm helping someone that has no technical experiences with their WordPress site, and I realized he may have accidentally set it up as a multisite.
My question is if I don't want to go through all the trouble of changing the site back to a regular WordPress site, can I just treat and use the site as a regular WordPress site? Or will there be any technical difficulties later on?
(the site just displays some content and can put items in shopping cart to buy them)
And since it's a multisite and I only have admin power and not super admin, to install plugins I would have to either ask for access to the super admin account or have the person install the plugins for me, right?
Lastly, how would I access and change the wp-content/ files to customize (css/html/js) the templates myself? Do I just download Filezilla to grab the files and change them and upload them back? Or is there a better way to do this?
And would I need super admin power to do this and what additional information do I need to set up the Filezilla besides the site url, my admin account and password?
Sorry for so many questions on here, please let me know if you need any additional information.
Thanks!
he may have accidentally set it up as a multisite.
This sounds weird. Setting up a multisite is not something you do accidently.
I would suggest you ask access through ftp (FileZilla should do, and you do not need to be super admin). To see if it's multisite or not, you can look at the .htaccess file or wp-config.php. If you really do not need the multisite, it's best to revert back to a single install.
Now, to answer your questions,
can I just treat and use the site as a regular WordPress site?
No, you can't, especially not if you are not network admin. You need this to upgrade WP, plugins and the theme. Keeping the installation up-to-date is crucial for security.
to install plugins I would have to either ask for access to the super
admin account or have the person install the plugins for me, right?
Being able to install and update plugins from within the WordPress Admin is convenient. Technically, however, you can also do so through FTP: simply add the plugins to /wp-content/plugins/ and the themes to /wp-content/themes/. You can then activate these on the site.
how would I access and change the wp-content/ files to customize
(css/html/js) the templates myself?
FileZilla indeed. If you have access to the network you can edit these in the WP admin too, but I personally prefer to do so with an editor like Notepad++.
what additional information do I need to set up the Filezilla besides
the site url, my admin account and password?
You can't use your WordPress password for this, you need to have FTP access, and even better sFTP (encrypted). This is something the host should provide. Perhaps these tutorials may be helpful.
GL with it!

How to jail Wordpress directory inside Magento directory?

Goal: We have a Magento installation which contains a lot of sensitive data. We're looking to host a Wordpress installation.
Problem: Since we're installing third-party modules on Wordpress, we don't want any security issues in Wordpress to be able to compromise Magento.
I've spoken to a couple of my friends, and also had a think back to how it's been implemented in the past, but I wanted another opinion.
Since the wordpress directory will reside inside of the magento directory, would it be sufficient to chown the files inside of wordpress to a new user ("user-wp"), and then to chroot the user-wp user to the wordpress directory? Magento would then still have access to all of the Wordpress files, but not vice-versa.
Any other suggestions on how to go about implementing this would be more than appreciated! Somebody also suggested configuring a separate vhost.
Using a subdomain like blog.site.com would probably be the easiest way to set this up. All you would have to do is add a new VHost for the WordPress installation.
I don't think Chrooting would provide much security. You may also run into WordPress Plugin issues with such a configuration.
The setup is tricky. You would have to go and modify the PHP-fpm process pool and users it runs with. Then assign one pool to Magento and another to WordPress. Additionally you will also want to serve static assets & uploads from the Webserver itself.
And when you change this config you have to retest your Magento install to make sure things you didn't break anything accidentally.
Too much hassle, just use the subdomain. :)

Resources