I want to use WordPress as a CMS, not just as a blog-engine. According to the WWW this should be possible. I tried some other CMSes briefly. I think they suffer from over-complexity or overweight and I don’t want to overload my brain or system.
Below I’ll use ${WPROOT} to refer to the directory wordpress is installed
Installation
Download and installation from the WordPress MU website it pretty straightforward.
- Apache:
- I installed wordpress-root in a virtual host
- I defined the *.domain.tld ServerAlias for the moment. If I’m ready testing I will assign virtual hosts names myself
- I defined *.domain.tld in my DNS to have any unknown host to be resolved as the wordpress site.
- mod_rewrite module must be enabled
- Put AllowOverride FileInfo Options in the <Directory> directive.
- In mysql create a user with an empty database
WordPress is installed for subdomains (*.domain.tld). The root is used for administration purposes only. I don’t want any visitor to be disturbed by administrator login pages.
Modify ${WPROOT}/wp-content/themes/home/home.php and put only a redirect tag in like <meta http-equiv=”REFRESH” content=”0;URL=http://www.domain.tld/”>. You have to goto the login page by typing or linking it somewhere else.
Moving a WordPress site
This instruction from Steve Taylor works very well.
http://sltaylor.co.uk/blog/moving-wordpress-new-domain-server/
Before starting lock out everyone (./.htaccess and ./503.php and backup everything.
The main thing is to export the database and change all occurrences the directory-path and URL. In simple sites this is pretty straight-forward. The only serialized data is in the recently_edited file-list (table wp_options). I think you can safely ignore these.
The other thing is to move all files you added or edited too. These may be:
- ./.htaccess
- ./503.php
- ./wp-content/themes/<theme>/functions
- Any theme you created yourself.
- ./robots.txt
Security tips
Also from Steve Taylor: http://sltaylor.co.uk/blog/wordpress-hacks-tips-security/
Very briefly summarized:
- Use a randomly generated password for the DataBase
- Replace the standard table prefix (wp_) with a random string.
- Disable user Admin, create another user with the Administrator role.
- Remove ./wp-admin/install.php
- Create ./.htaccess to deny access to ./wp-config.php, ./.htaccess and directory listing.
IndexIgnore *
<Files .htaccess>
order allow,deny
deny from all
</Files>
<FilesMatch ^wp-config.php$>
deny from all
</FilesMatch> - Disable publication of the WP-version by adding this function and filter to your theme functions (./wp-content/themes/<theme>/functions.php)
function no_generator() { return”;}
add_filter( ‘the_generator’, ‘no_generator’ ); - Use the wordpress coding standards
- Use strong passwords (min 8 characters, include numbers, punctuation, capitals)
- Backup frequently your database and files if you changed them.
Themes
Themes define the layout of a wordpress site. The themes are stored in ${WPROOT}/wp-content/themes. You can start a new theme by just copying a them to a new directory and start modifying it.
Learned from the default theme (wp2.9.2)
- style.css
- The first comment defines the name and authorship of the theme.
- images/kubrickbgcolor.jpg
- Defines the background-color of the browser window (outside the page)
- images/kubrickbg-ltr.jpg
- Defines the background-colors of the page-body
- images/kubrickfooter.jpg
- Defines the background-color of the page-booter
- images/kubrickheader.jpg
- Defines the colors and shape of the header. For some of the colors the settings in the ‘Appearance’-‘Custom header’ section have preference. If you remove all color settings from the ‘Custom header’ page the color from the image are selected.
First thing I will try is to find a good theme that matches your layout needs. Then check if it can be modified to make if fit exactly.
Nice themes found:
- WikiWP (For unix)
- Andyblue (3 column theme)
- Tomorrow (very quiet, everything is in index.php)
- blog.txt (Text-style)
Plugins
Definition List
Adds DL button to the editor. Added to wp_unix
Configure SMTP
You really need this to get wordpress sending emails.