Advanced Plugin Management
Overview
Beyond basic installation and activation, WP-CLI offers powerful features for handling complex plugin scenarios: custom sources, version control, bulk operations, plugin development, and troubleshooting edge cases.
Advanced Installation Methods
Installing from GitHub
# Install from GitHub repository main branch
wp plugin install https://github.com/username/plugin-name/archive/refs/heads/main.zip
# Install from specific release
wp plugin install https://github.com/username/plugin-name/releases/download/v1.2.3/plugin-name.zip --activate
# Install from specific commit
wp plugin install https://github.com/username/plugin-name/archive/abc123.zip
Use cases:
- Installing development versions
- Testing unreleased features
- Using forked plugins with custom modifications
Installing from Private Repositories
# Install from private server with authentication
wp plugin install https://user:password@private-repo.com/plugins/premium-plugin.zip
# Install from S3 bucket (with presigned URL)
wp plugin install "https://bucket.s3.amazonaws.com/plugins/plugin.zip?AWSAccessKeyId=..."
# Install from GitLab private repo
wp plugin install https://oauth2:TOKEN@gitlab.com/user/plugin/-/archive/main/plugin-main.zip
Secure Credentials
Never hardcode credentials in scripts. Use environment variables:
wp plugin install "https://$REPO_USER:$REPO_TOKEN@private-repo.com/plugin.zip"
Installing from Local Development
# Install plugin from local development directory
wp plugin install /home/user/dev/my-plugin.zip --activate
# Symlink development plugin (for active development)
ln -s /home/user/dev/my-plugin wp-content/plugins/my-plugin
wp plugin activate my-plugin
Version Management
Installing Specific Versions
# Install specific version
wp plugin install woocommerce --version=8.2.0
# Install and lock version (don't auto-update)
wp plugin install elementor --version=3.16.0
# Install older version for compatibility testing
wp plugin install yoast-seo --version=20.0
Downgrading Plugins
# Downgrade to previous version after bad update
wp plugin install woocommerce --version=8.2.0 --force
# Verify downgrade
wp plugin get woocommerce --field=version
Use cases:
- New version breaks compatibility
- Bug in latest release
- Testing against specific version
Version Comparison
# Check current vs available version
wp plugin list --fields=name,version,update
# Get update version for specific plugin
wp plugin get elementor --field=update_version
# List all plugins with available updates
wp plugin list --update=available
Bulk Operations
Bulk Install from List
# Create plugin list file
cat > plugins.txt << EOF
contact-form-7
wordfence
updraftplus
yoast-seo
elementor
EOF
# Install all plugins from list
cat plugins.txt | xargs wp plugin install --activate
Install Plugin Stack by Category
#!/bin/bash
# install-plugin-stack.sh
# Security plugins
SECURITY_PLUGINS="wordfence ithemes-security updraftplus"
# SEO plugins
SEO_PLUGINS="yoast-seo rank-math"
# Performance plugins
PERFORMANCE_PLUGINS="w3-total-cache autoptimize"
# E-commerce plugins
ECOMMERCE_PLUGINS="woocommerce woocommerce-gateway-stripe"
# Install based on site type
case "$1" in
"blog")
wp plugin install $SECURITY_PLUGINS $SEO_PLUGINS --activate
;;
"shop")
wp plugin install $SECURITY_PLUGINS $ECOMMERCE_PLUGINS --activate
;;
"full")
wp plugin install $SECURITY_PLUGINS $SEO_PLUGINS $PERFORMANCE_PLUGINS $ECOMMERCE_PLUGINS --activate
;;
*)
echo "Usage: $0 {blog|shop|full}"
exit 1
;;
esac
Usage:
./install-plugin-stack.sh shop
Sync Plugins Between Sites
#!/bin/bash
# sync-plugins.sh - Copy active plugins from one site to another
SOURCE_PATH="/var/www/site1"
TARGET_PATH="/var/www/site2"
# Get list of active plugins from source
PLUGINS=$(wp plugin list --status=active --field=name --path=$SOURCE_PATH)
# Install and activate on target
for plugin in $PLUGINS; do
echo "Installing $plugin..."
wp plugin install $plugin --activate --path=$TARGET_PATH
done
echo "Plugin sync complete!"
Plugin Development with WP-CLI
Scaffold a New Plugin
# Create basic plugin structure
wp scaffold plugin my-custom-plugin
# Scaffold with options
wp scaffold plugin my-plugin \
--plugin_name="My Custom Plugin" \
--plugin_description="A custom WordPress plugin" \
--plugin_author="Your Name" \
--plugin_author_uri="https://example.com" \
--activate
What this creates:
- Plugin directory structure
- Main plugin file with proper headers
readme.txtfile- Basic PHP structure
Scaffold Plugin Components
# Scaffold a custom post type
wp scaffold post-type book --plugin=my-plugin
# Scaffold a taxonomy
wp scaffold taxonomy genre --plugin=my-plugin --post_types=book
# Scaffold plugin tests
wp scaffold plugin-tests my-plugin
Generate Plugin Boilerplate
# Create plugin with full boilerplate
wp scaffold plugin my-advanced-plugin \
--plugin_name="My Advanced Plugin" \
--skip-tests \
--activate
# Add custom functionality
cd wp-content/plugins/my-advanced-plugin
# Edit files...
# Activate for testing
wp plugin activate my-advanced-plugin
Handling Premium Plugins
Automated Premium Plugin Deployment
#!/bin/bash
# deploy-premium-plugins.sh
# Premium plugin storage (S3, private server, etc.)
PREMIUM_REPO="https://secure.example.com/plugins"
# List of premium plugins
declare -A PREMIUM_PLUGINS=(
["gravityforms"]="gravityforms-2.7.zip"
["acf-pro"]="advanced-custom-fields-pro-6.2.zip"
["elementor-pro"]="elementor-pro-3.16.zip"
)
# Install each premium plugin
for plugin in "${!PREMIUM_PLUGINS[@]}"; do
echo "Installing $plugin..."
wp plugin install "$PREMIUM_REPO/${PREMIUM_PLUGINS[$plugin]}" --activate
done
Premium Plugin License Management
# Activate plugin license via WP-CLI
wp option update elementor_pro_license_key "YOUR-LICENSE-KEY"
# Activate Gravity Forms license
wp gf license activate YOUR-LICENSE-KEY
# Check license status
wp option get acf_pro_license
Plugin Cleanup & Maintenance
Remove Inactive Plugins
# List inactive plugins
wp plugin list --status=inactive --field=name
# Delete all inactive plugins
wp plugin list --status=inactive --field=name | xargs wp plugin delete
# Delete specific inactive plugins
wp plugin delete akismet hello
Backup First
Always backup before bulk deletions:
wp db export backup-before-cleanup.sql
Clean Plugin Residual Data
# Some plugins leave data after deletion
# Check for orphaned options
wp option list | grep plugin_name
# Delete orphaned options
wp option delete plugin_name_settings
wp option delete plugin_name_version
# Check for orphaned tables
wp db query "SHOW TABLES LIKE '%plugin_name%';"
# Drop orphaned tables (be careful!)
wp db query "DROP TABLE wp_plugin_name_table;"
Plugin Audit Script
#!/bin/bash
# audit-plugins.sh
echo "=== WordPress Plugin Audit ==="
echo "Date: $(date)"
echo ""
echo "Total Plugins: $(wp plugin list --field=name | wc -l)"
echo "Active Plugins: $(wp plugin list --status=active --field=name | wc -l)"
echo "Inactive Plugins: $(wp plugin list --status=inactive --field=name | wc -l)"
echo ""
echo "Plugins with Updates Available:"
wp plugin list --update=available --fields=name,version,update
echo ""
echo "Inactive Plugins (Consider Removing):"
wp plugin list --status=inactive --fields=name,version
echo ""
echo "Plugins Not Updated in 1+ Year:"
# This requires custom logic or plugin metadata parsing
Troubleshooting Edge Cases
Fix Corrupted Plugin Files
# Reinstall plugin to fix corrupted files
wp plugin install plugin-name --force
# Verify integrity
wp plugin verify-checksums plugin-name
Handle Plugin Activation Errors
# Activate with error logging
wp plugin activate problematic-plugin 2>&1 | tee activation-error.log
# Check for fatal errors
if grep -q "Fatal error" activation-error.log; then
echo "Fatal error detected! Deactivating..."
wp plugin deactivate problematic-plugin
fi
Resolve Plugin Conflicts
#!/bin/bash
# find-plugin-conflict.sh
echo "Testing for plugin conflicts..."
# Deactivate all
wp plugin deactivate --all
# Activate plugins one by one
for plugin in $(wp plugin list --status=inactive --field=name); do
echo "Testing: $plugin"
wp plugin activate $plugin
# Test site health
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://localhost)
if [ "$HTTP_CODE" != "200" ]; then
echo "CONFLICT FOUND: $plugin"
wp plugin deactivate $plugin
exit 1
fi
done
echo "No conflicts found!"
Handle Must-Use Plugins
# List must-use plugins
wp plugin list --status=must-use
# Install plugin as must-use
cp wp-content/plugins/my-plugin/my-plugin.php wp-content/mu-plugins/
# Remove must-use plugin
rm wp-content/mu-plugins/my-plugin.php
Multisite Advanced Management
Network-Wide Plugin Control
# Enable plugin for network (make available to subsites)
wp plugin activate wordfence --network
# Activate on all subsites
wp site list --field=url | xargs -I {} wp plugin activate woocommerce --url={}
# Deactivate on all subsites
wp site list --field=url | xargs -I {} wp plugin deactivate akismet --url={}
Per-Site Plugin Management
# Install plugin on specific subsite only
wp plugin install woocommerce --activate --url=shop.example.com
# List plugins for specific subsite
wp plugin list --url=blog.example.com
# Bulk activate on selected subsites
for url in site1.example.com site2.example.com; do
wp plugin activate elementor --url=$url
done
Multisite Plugin Audit
#!/bin/bash
# multisite-plugin-audit.sh
echo "=== Multisite Plugin Audit ==="
# Network-activated plugins
echo "Network-Activated Plugins:"
wp plugin list --status=active-network --field=name
# Check each subsite
for url in $(wp site list --field=url); do
echo ""
echo "Site: $url"
echo "Active Plugins:"
wp plugin list --status=active --field=name --url=$url
done
Performance Optimization
Lazy Load Plugins
# Check plugin load time impact
wp plugin list --fields=name,status
# Use must-use plugin to conditionally load plugins
# Create: wp-content/mu-plugins/conditional-plugin-loader.php
Plugin Performance Testing
#!/bin/bash
# test-plugin-performance.sh
PLUGIN_NAME="$1"
# Benchmark before activation
echo "Testing site performance without $PLUGIN_NAME..."
ab -n 100 -c 10 http://localhost/ > before.txt
# Activate plugin
wp plugin activate $PLUGIN_NAME
# Benchmark after activation
echo "Testing site performance with $PLUGIN_NAME..."
ab -n 100 -c 10 http://localhost/ > after.txt
# Compare results
echo "Performance comparison:"
echo "Before: $(grep 'Requests per second' before.txt)"
echo "After: $(grep 'Requests per second' after.txt)"
Security Best Practices
Verify Plugin Checksums
# Verify plugin integrity
wp plugin verify-checksums --all
# Verify specific plugin
wp plugin verify-checksums woocommerce
# Check for modified files
wp plugin verify-checksums --all --strict
Audit Plugin Permissions
# Check plugin file permissions
find wp-content/plugins -type f -not -perm 644 -ls
# Fix plugin permissions
find wp-content/plugins -type f -exec chmod 644 {} \;
find wp-content/plugins -type d -exec chmod 755 {} \;
Remove Vulnerable Plugins
# Check for known vulnerabilities (requires WP-CLI vulnerability scanner)
wp vuln plugin-status
# Remove vulnerable plugin
wp plugin delete vulnerable-plugin
# Update all plugins to patch vulnerabilities
wp plugin update --all
Quick Reference
Advanced Commands
# Version management
wp plugin install <plugin> --version=1.2.3 # Specific version
wp plugin install <plugin> --force # Force reinstall
# Development
wp scaffold plugin <name> # Create plugin
wp scaffold post-type <name> --plugin=<name> # Add CPT
wp scaffold taxonomy <name> --plugin=<name> # Add taxonomy
# Bulk operations
cat plugins.txt | xargs wp plugin install # Install from list
wp plugin list --status=inactive --field=name | xargs wp plugin delete # Delete inactive
# Multisite
wp plugin activate <plugin> --network # Network activate
wp site list --field=url | xargs -I {} wp plugin activate <plugin> --url={} # All subsites
# Maintenance
wp plugin verify-checksums --all # Verify integrity
wp plugin list --update=available # Check updates
wp plugin list --status=inactive # List inactive
# GitHub/URL installs
wp plugin install https://github.com/user/plugin/archive/main.zip
wp plugin install https://example.com/plugin.zip
Summary
| Feature | Capability | Use Case |
|---|---|---|
| Custom Sources | GitHub, private repos, local files | Premium plugins, development |
| Version Control | Install/downgrade specific versions | Compatibility testing |
| Bulk Operations | Install/manage multiple plugins | Site setup, migrations |
| Plugin Development | Scaffold plugins and components | Custom development |
| Multisite | Network and per-site management | Enterprise WordPress |
| Security | Checksum verification, audits | Security hardening |
| Performance | Testing, optimization | Site speed |
Key Takeaway
WP-CLI's advanced plugin management features enable professional WordPress workflows: automated deployments, version control, bulk operations, and enterprise-scale management.
Next Steps
- Master database operations: Database Management
- Learn user management: User Management
- Explore automation: Automation & Scripting