(I have found some links to customising an initial install like this one and this one, but unless I’m missing something – which is quite possible, they don’t answer my question)
I’m wanting to set up a minimal WordPress install that users can then run with. I have written a script which downloads the latest wordpress and creates a wp-config.php page with the database settings etc. The first time a user goes to their site, it asks them for a site title, username, password and email address.
As someone created one of these sites and did not proceed to enter their details the site was eventually found and exploited by a hacker. It occurs to me that to fix this problem all I need to do is assign initial details for these fields and communicate them automatically to the site owner – but that seems easier said then done.
On attempting to set up a new blog, I see that the database schema is not created until this install page has run. I’m loathe to create an initial SQL schema and dump it in for fear that newer versions of WordPress will use a different schema, breaking the install process (Is this fear justified?)
Is there a way I can go about programatically handling the “install.php” stuff – or at least have wordpress automatically create the schema and defaults so I can prepopulate a username and password ?
(It strikes me that as an alternative I can probably play around with password protecting install.php in Apache with a .htaccess file, but that does not seem like an elegant solution to me)
3 Answers
I’d highly recommend WP-CLI for such tasks. It is a tool that allows installation and configuration of WordPress on the command line.
What you are trying could easily be done:
wp core download
wp core config --dbname=<dbname> --dbuser=<dbuser> --dbpass=<dbpass>
wp core install --url=<url> --title=<site-title> --admin_user=<username> --admin_password=<password> --admin_email=<email>
There are a lot of other commands that you can use to customize your installation even further.