wp core reinstall
Overview
Restore WordPress core files to a known-good state at the currently installed version. The database, wp-config.php, and plugins/themes are untouched. Ideal for incident response and file corruption recovery.
What It Does
wp core reinstall downloads a fresh copy of the WordPress core files at the currently installed version and overwrites them. It does not touch:
- The database
wp-config.phpwp-content/(plugins, themes, uploads)
This makes it safe to run on a live site when you need to replace potentially modified or corrupted core files.
Syntax
wp core reinstall [--locale=<locale>] [--insecure]
Options & Flags
| Flag | Description |
|---|---|
--locale=LOCALE | Reinstall in a specific locale (defaults to current install locale) |
--insecure | Skip SSL verification when downloading |
Basic Usage
Reinstall at current version
wp core reinstall
Reinstall with specific locale
wp core reinstall --locale=id_ID
Expected Output
Downloading WordPress 6.7.2 (en_US)...
md5 hash verified: 9a7fa9b67e6b7b0ee7b43a56e0e18b10
Success: WordPress reinstalled successfully.
How It Differs from Related Commands
| Command | What it does | Safe on live site? |
|---|---|---|
wp core reinstall | Overwrite core files at current version | ✅ Yes |
wp core update | Upgrade core to a newer version | ⚠️ With backup |
wp core download --force | Download core at any version and overwrite | ⚠️ Specify version carefully |
wp core verify-checksums | Check integrity — does NOT repair | ✅ Yes (read-only) |
Real-World Scenarios
Scenario 1: Post-malware cleanup
# 1. Verify which files are modified
wp core verify-checksums
# 2. Reinstall core to clean state (same version)
wp core reinstall
# 3. Verify again
wp core verify-checksums
# 4. Rotate authentication salts
wp config shuffle-salts
Scenario 2: File corruption after a bad FTP upload
# Site is broken — reinstall core without touching data
wp core reinstall
# Check the site is back
wp core version
curl -s -o /dev/null -w "%{http_code}" https://example.com
Scenario 3: Automation — nightly core file integrity enforcement
#!/bin/bash
if ! wp core verify-checksums --quiet; then
echo "Core file mismatch detected — reinstalling..."
wp core reinstall
wp core verify-checksums
fi
Best Practices
- Run
wp core verify-checksumsfirst to confirm there are actually modified files. - Take a DB backup first as a safety net, even though the command does not touch the DB.
- Follow with
wp config shuffle-saltsafter any security incident. - Confirm the version with
wp core versionbefore reinstalling — ensures you're restoring the right version.
Troubleshooting
| Problem | Cause | Fix |
|---|---|---|
| Download fails | No internet / firewall | Check connectivity; try --insecure |
| Reinstall doesn't fix modified files | Files are in wp-content/ (not core) | Check plugins/themes for malware separately |
| Site still broken after reinstall | DB or config issue | Check wp-config.php and run wp db check |
| Wrong locale | Default locale mismatch | Specify --locale explicitly |
Quick Reference
wp core reinstall # Reinstall at current version
wp core reinstall --locale=en_US # Force English locale
wp core verify-checksums # Check integrity before and after
wp config shuffle-salts # Rotate salts after security incident
Next Steps
wp core verify-checksums— verify file integrity before and after.wp config shuffle-salts— rotate authentication keys after reinstall.wp core update— upgrade to a newer version once stable.