azure / wordpress-linux-appservice Goto Github PK

Hey there,

I'm attempting to use the Terraform code. With or without modification to dev.tfvars I run the following:

terraform init
terraform plan -var-file='dev.tfvars'

And I get the following errors:
╷
│ Error: Unsupported argument
│
│ on main.tf line 116, in resource "azurerm_linux_web_app" "wordpress_web_app":
│ 116: docker_image_name = "${var.wordpress_container_linux_fx_version}:8.2"
│
│ An argument named "docker_image_name" is not expected here.
╵
╷
│ Error: Unsupported argument
│
│ on main.tf line 117, in resource "azurerm_linux_web_app" "wordpress_web_app":
│ 117: docker_registry_url = var.app_service_docker_registry_url
│
│ An argument named "docker_registry_url" is not expected here.

I am running Terraform 1.6.0 on Windows 11. Same occurs with Terraform 1.5.7. Same happens in Ubuntu 22.04.3 under WSL2 with:

Terraform v1.6.1
on linux_amd64

• provider registry.terraform.io/azure/azapi v1.9.0
• provider registry.terraform.io/hashicorp/azurerm v3.30.0
• provider registry.terraform.io/hashicorp/random v3.5.1

I can´t get debug.log working in wp-content.
I have the following in my wp-config.php:
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_DISPLAY', true );
define( 'WP_DEBUG_LOG', true );

But no debug.log is showing up.

I've installed WordPress behind a CDN as described in https://learn.microsoft.com/en-us/azure/app-service/quickstart-wordpress
This gave WordPress 6.3, PHP 8.2.5, nginx 1.22.1
Images in the editor are displayed as a broken image symbol and the alt text. (They display correctly on the page.)

I've tried disabling all plug-ins, checked site health, swapped theme and installed the Health Check & Troubleshooting plug-in
I see the same in Edge 115.0.1901.200 and Chrome 115.0.5790.171

I think it would be useful to have some documentation or an example showing how to deploy Wordpress code updates via GitHub Actions and/or Azure DevOps.

Does anyone know where the ARM Template of WordPress on Azure Linux App Service backed by MySQL Flexible Server?

When signed into the site (wp-admin), going to Dashboard > Updates presents text under WordPress Updates" > Current Version denoting that automatic updates are not working/enabled currently: "This site will not receive automatic updates for new versions of WordPress." There is no clickable link for enabling automatic updates. This is a very important security requirement for utilizing this service. Note that this is not regarding auto updates for the App Service or the WordPress plugins as those both seem to work OK, just WordPress itself.

Note:
I did already email [email protected] about this, and they responded with the following which directed me here: "There seem to be a bug with auto-upgrade configuration setting, sorry for the inconvenience caused. Can you please create a bug for the same here : Issues · Azure/wordpress-linux-appservice (github.com), we will review and revert back once resolved."

Hi there, I've deployed an App Service with WordPress twice, and each time, I am unable to log in using the correctly provided credentials. Is it possible that something in the script is no longer passing the User ID and Password to the WordPress instance during the deployment process?

I was trying to follow the steps for the migration plugin: https://github.com/Azure/wordpress-linux-appservice/blob/main/WordPress/WordPress_Migration_Plugin.md

But the problem is the export file is too big (6.2GB) to import it in the new Wordpress and the plugin complains about it:

Do we have an alternative for this?

Thank you so much!!!

After created WordPress with the default ARM Template, it's cool that the static content of WordPress website is stored in Azure Blob Storage. However, it seems to be not available in Bicep & Terraform files.

When setting AFD_CUSTOM_DOMAIN setup doesnt tackle (or define steps to):

• Remove the old assigned domain from the route
• Add Forward Host Header
• Add the domain to the AppService so it accepts the HOST header traffic matching the custom domain

It would be better if Bicep code supports modules (app services, MySQL databases, storage accounts, CDN endpoints...) and looping for creating multiple WordPress apps.

Couple of things I want to bring light to while deploying this for our tenant. I compared the deployment done from azure portal's marketplace to see what was misaligned with what you have here.

1. The app service's app settings is missing data for front door:
   AFD_ENABLED
   AFD_ENDPOINT

2. Origins Groups does not include storage account's origin group

3. For resource "azurerm_cdn_frontdoor_rule" if you do have storage account...
   ["wp-content/uploads/"] does not include blob container ie. ["/wp-content/uploads/"]

Hello,

I have set up WordPress on Linux App Service, installed a theme, and now I cannot load fonts that the theme uses because of CORS. I see the following errors in the network console of my browser:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xxx-endpoint.azureedge.net/wp-content/themes/soledad/fonts/penciicon.ttf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

I see that the font is loaded through the CDN that was set up by the App Service installer. However, I have no idea what to do next. Your description of how to configure CDN with WordPress doesn't have any more details.

Thanks!

Hello Wordpress AppService gurus,

I would like to request a new feature in the deployment (or even just guidance), that is a deployment that is able to integrate with Azure B2C! I think B2C would be a good standard, and it would show the guidance for any IDP if an existing provider was already being used. Thanks, and I love the pattern!

Will.

Hi Team,

• App Service Plans have a one-to-one relation with a delegated subnet for vnet integration as a limitation.
• And you have an application setting called: WORDPRESS_LOCAL_STORAGE_CACHE_ENABLED where you highly recommend keeping a single instance(no horizontal scaling).

We are planning 20 independent sites at some point using your container deployment and we don't want a single instance shared to be a burden with the compute load for all sites, so we are thinking not to share the plan. So instead of 20 app services within a single app service plan. We are effectively having 20 app service plans with a single app service each, right?

But this means, we will be creating delegated subnets to have a one-to-one relationship a single app service plan. Resulting in 20 delegated subnets?

What can be done to address this making so many subnets?

How to integrate wordpress-linux-appservice with application insights?
Shouldn't the image be instrumented by design?

The only reference I could find is the abandoned App Insights plugin for wordpress - https://github.com/Microsoft/ApplicationInsights-WordPress.

I've enabled AI in the app service but I don't see any logs, so I'm assuming there's no integration with python SDK right now?

I recently migrated my personal blog from a CPanel hosting option to Azure.

I have used the Bicep template as an example and deployed to Azure App Service, Storage Account and an Azure Front Door profile. I am experiencing very sluggish performance - particularly when viewing the site administration pages. Loading different pages can take quite a few seconds sometimes.

I also use the official JetPack plugin. It has very limited functionality with the new hosting setup and can't seem to connect to or read a lot of the site data. Do I need to enable any PHP extensions for this to work? What's the best way to troubleshoot this container image?

Not sure if I have something misconfigured or if this is expected behavior.

The site is here
The Bicep code is here

Any help would be appreciated!

Hi Team,

We are trying to deploy WordPress on the azure app service and it keeps failing at the MySQL flexible server deployment step. We tried it on West Europe and North Europe regions with different subscriptions.

Any help would be appreciated.

Thanks.

https://github.com/Azure/wordpress-linux-appservice/blob/main/WordPress/running_post_startup_scripts.md - suddenly startup script is not working anymore. When we restart the App service all our custom nginx settings disappear. This is a really big big problem. What could have happened?

I see wpcli is installed in the service but I cannot seem to make it work.

/var/www/wordpress# wp --allow-root plugin list

Warning: mysqli_real_connect(): (HY000/2002): No such file or directory in /var/www/wordpress/wp-includes/class-wpdb.php on line 2019
Error: `No such file or directory`
Error establishing a database connection

I presume it has something to do with the env variables for the db connection not being present in the shell I am in?

I open the ssh connection through Web App -> App Service plan -> Development Tools -> SSH.

I'm using /home/dev/startup.sh to move Wordpress to a subfolder as per these instructions.

#!/bin/bash

logfile="/home/LogFiles/logfile.txt"
# Redirect all subsequent output to logfile
exec >> "$logfile"

echo "Update wp-config.php to include blog directory in WP_HOME"
sed -i "s/define('WP_HOME', \$http_protocol \. \$_SERVER\['HTTP_HOST'\]);/define('WP_HOME', \$http_protocol \. \$_SERVER\['HTTP_HOST'\] \. '\/blog\/');/" /home/site/wwwroot/wp-config.php

echo "create blog directory if it does not exist"
if [ ! -d /home/site/wwwroot/blog ]; then
    mkdir /home/site/wwwroot/blog
fi

echo "move all other files and directories to blog directory"
find /home/site/wwwroot -maxdepth 1 -not \( -name blog -o -name .htaccess -o -name index.php -o -name wwwroot \) -exec mv {} /home/site/wwwroot/blog \;

echo "copy .htaccess and index.php to blog directory"
cp /home/site/wwwroot/.htaccess /home/site/wwwroot/blog/
cp /home/site/wwwroot/index.php /home/site/wwwroot/blog/

# Close logfile
exec >&-

And it works, for a hot minute, but then something comes along and puts all the files back at /home/site/wwwroot.

Message received:
Invalid MySQL servername found! serverHostName=

Where is it looking for this value?

Hi
I followed step by step this: https://github.com/Azure/wordpress-linux-appservice/blob/main/WordPress/wordpress_WebPimages_support.md but i can´t get them to work.

Hey I am receiving the following error:

Initiating MySQL import on destination site.
Waiting for post processing of import data. This may take a while. Elapsed time = 4222 seconds.
Could not complete post processing on destination site. App data and MySQL dump zip extraction failed. Please retry migration.

Any Idea why this is happening?

Hello, PHP 8.0 will be unsupported by November 2023. Do you have an ETA for PHP 8.2? Thanks.

the repo seems to be missing the actual scripts to do the deployment such as ARM/Biceo templates.
can you share these??

There is the same issue (#42) in the closed issue, but I also had the same issue, so I created a new issue.

Hi,

When I'm running the tool (v 1.0.0 x86 or x64) with regular access, it closed, With elevated privilege I don't get the authentication pop-up and while selecting the Subscription filed in the Source Site and clicking on Select a Subscription, I get an exception error:

The error relates to JiT but the tenant isn't configured with Just in Time access and doesn't even have the Azure AD Premium 2 licence?

I'v got VS Pro 2022 w/ .Net 6 installed.

Is there a workaround to get the access token so the tool can use it? I didn't try using PS with Az modules to connect has it's not the same context.

P.N. my workstation is onboarded with MS Defender and Microsoft Endpoint Management (Intune), if there's any related issues.

Thank you for your help!

The error details:

juste-à-temps (JIT) à la place de cette boîte de dialogue.

************** Texte de l'exception **************
System.ArgumentNullException: Value cannot be null. (Parameter 'id')
   at Azure.Core.Argument.AssertNotNull[T](T value, String name)
   at Azure.ResourceManager.ArmResource..ctor(ArmClient client, ResourceIdentifier id)
   at Azure.ResourceManager.Resources.SubscriptionResource..ctor(ArmClient client, ResourceIdentifier id)
   at Azure.ResourceManager.Resources.SubscriptionResource..ctor(ArmClient client, SubscriptionData data)
   at Azure.ResourceManager.Resources.SubscriptionCollection.Get(String subscriptionId, CancellationToken cancellationToken)
   at WordPressMigrationTool.Utilities.AzureManagementUtils.GetResourceGroupsInSubscription(String subscriptionId, SubscriptionCollection subscriptions)
   at WordPressMigrationTool.MigrationUX.winSubscriptionChangeWorker_DoWork(Object sender, DoWorkEventArgs e)
   at System.ComponentModel.BackgroundWorker.OnDoWork(DoWorkEventArgs e)
   at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)


************** Assemblys chargés **************
System.Private.CoreLib
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
WordPressMigrationTool
    Version de l'assembly : 1.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Runtime
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Windows.Forms
    Version de l'assembly : 6.0.2.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.ComponentModel.Primitives
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Windows.Forms.Primitives
    Version de l'assembly : 6.0.2.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Runtime.InteropServices
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Drawing.Primitives
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Collections.Specialized
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Threading
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Diagnostics.TraceSource
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Collections
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Drawing.Common
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Microsoft.Win32.Primitives
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.ComponentModel.EventBasedAsync
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Threading.Thread
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Accessibility
    Version de l'assembly : 4.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.ComponentModel.TypeConverter
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Numerics.Vectors
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Memory
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.ComponentModel
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Microsoft.Win32.SystemEvents
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Azure.Identity
    Version de l'assembly : 1.7.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Azure.Core
    Version de l'assembly : 1.25.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
netstandard
    Version de l'assembly : 2.1.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Threading.Tasks.Extensions
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.ObjectModel
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Linq
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Collections.NonGeneric
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Net.Http
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Runtime.InteropServices.RuntimeInformation
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Net.Primitives
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Diagnostics.DiagnosticSource
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Diagnostics.Tracing
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Security.Cryptography.X509Certificates
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Security.Cryptography.Primitives
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Net.Security
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Private.Uri
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Microsoft.Identity.Client
    Version de l'assembly : 4.39.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Azure.ResourceManager
    Version de l'assembly : 1.3.1.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Microsoft.Bcl.AsyncInterfaces
    Version de l'assembly : 1.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Collections.Concurrent
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Linq.Expressions
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Text.Json
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Net.Sockets
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Threading.Overlapped
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Net.NameResolution
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Threading.ThreadPool
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
Microsoft.Win32.Registry
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Runtime.CompilerServices.Unsafe
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Text.Encoding.Extensions
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Security.Principal.Windows
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Security.Claims
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Security.Cryptography.Encoding
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Diagnostics.FileVersionInfo
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Runtime.Loader
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Windows.Forms.resources
    Version de l'assembly : 6.0.2.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Diagnostics.StackTrace
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Reflection.Metadata
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------
System.Collections.Immutable
    Version de l'assembly : 6.0.0.0
    Version Win32 : Non applicable
    CodeBase : 
----------------------------------------

************** Débogage JIT **************

I'm logging in startup.sh and I see it running 5+ super quickly on a single restart.

 cat /home/dev/startup.sh 
#!/bin/bash

logfile="/home/LogFiles/logfile.txt"
# Redirect all subsequent output to logfile
exec >> "$logfile"

echo $(date -u +"%Y-%m-%dT%H:%M:%S.%NZ")


# Close logfile
exec >&-

cat /home/LogFiles/logfile.txt

2023-03-22T00:56:15.952928190Z
2023-03-22T00:56:17.997979125Z
2023-03-22T00:56:20.064646867Z
2023-03-22T00:56:23.144562588Z
2023-03-22T00:59:59.141869943Z

^^^ One restart

2023-03-22T01:00:01.013172165Z
2023-03-22T01:00:03.358892067Z
2023-03-22T01:00:06.503725322Z
2023-03-22T01:00:59.223512182Z
2023-03-22T01:01:00.408812270Z
2023-03-22T01:01:02.569425763Z
2023-03-22T01:01:05.977319301Z

^^^ A different restart

Hello
What other solution or plugin do you recommend other than W3 Total Cache to connect to Azure Blob Storage?
I am trying out this one: https://wordpress.org/plugins/windows-azure-storage/ but it uploads the files like year/month instead of wp-content/uploads/year/month which is not working for us.

W3 Total Cache did a good job but we rather use WP Rocket as a caching plugin.

Hello Team.

I have two questions.

About the issue described in the title, I was informed you going to remove the policy, but, I will like to confirm if it will be delete o change for other Referrer-Policy?.

Too, I will like to know what was the reason to use or set the strict-origin policy? Our client say the password protect redirect error not happened before, so, trusting in they word, I suppose the policy not exist before, o even the spec-setting.conf file not exist before.

I will appreciate your help.

I can send a message fine from the Communication Service 'Try Email', but when I tried to send from a form on my site, I get this error after a long delay:

cURL error 28: Connection timed out after 5000 millisecondsClick here for more support.

Hi!

I've been trying to browse/find the wordpress container over at https://mcr.microsoft.com/ so I can review the available tags so I can lock down our install to a specific tag version but search shows a 404 while trying to navigate directly to https://mcr.microsoft.com/en-us/appsvc/wordpress-alpine-php 404s 👎

Any thoughts or suggestions where I can review the available image tags?

The current Bicep code creates the new virtual network and 2 new subnets. Would it be possible to create new subnets in existing Vnet which is located in another resource group? Thank you!

Hi,

I have put both the App Service and the MySQL Flexible server behind my own VNet and Subnets. MySQL Flexible server use Private DNS Zone. When browse the App URL: mywebsite.azurewebsites.net, I got database connection error. Then I run nslookup command:

nslookup mywebiste.mysql.database.azure.com

Server:         127.0.0.11
Address:        127.0.0.11:53

Non-authoritative answer:
mywebiste.mysql.database.azure.com  canonical name = mywebiste.privatelink.mysql.database.azure.com

But if I do nslookup mywebiste.privatelink.mysql.database.azure.com

It return error:

nslookup mywebiste.privatelink.mysql.database.azure.com

Server:         127.0.0.11
Address:        127.0.0.11:53

** server can't find mywebiste.privatelink.mysql.database.azure.com: NXDOMAIN

Then I check the /etc/resolv.conf

# This container is using an embedded dns resolver
# The configured nameservers at startup are 168.63.129.16
# The configured options for the listener at startup are timeout:1 attempts:5
nameserver 127.0.0.11
options ndots:0 timeout:15 attempts:2

Then I update the the nameserver from 127.0.0.11 to 168.63.129.16 in the /etc/resolv.conf, everything is working.

Question: How do I let App Service don't use the embedded dns resolver 127.0.0.11 instead of the Microsoft default DNS 168.63.129.16 instead?

Thanks

Tao

appsvc/wordpress-alpine-php 8.2 is using PHP 8.2.5, but PHP 8.2.8 is currently the latest one, would nice if you could update the docker image.
Also appsvc/wordpress-alpine-php 8.0 is not up to date.

PS: Where is the docker file (Dockerfile) of those images located at? Would be nice if you could add a link in the README.md.

Hi,

I installed the plugin Azure Wordpress-on-Linux-App-Service-plugins main app_service_email.zip and followed the installation steps described in the WordPress Email Integration, and this works.

However the emails containing a HTML body are send as plain text.
How can we send them as HTML?

Thanks

Hello :)

In a fresh setup out-of-the-box, I notice that salts and keys are not set in /home/site/wwwroot/wp-config.php. This raises some security concerns, to say the least.

Is this intentional, am I missing something here?

Hi,
I've configured a multi-site wordpress instance with Front Door.

Front Door has 3 routes that proxy traffic to the app service:

• wordpressp-xxx.azurefd.net -> wordpress app origin group
• site1.customdomain.org -> wordpress app origin group with Origin Path /site1
• site2.customdomain.org -> wordpress app origin group with Origin Path /site2

My network admin -> sites configuration looks like this:

• wordpressp-xxx.azurefd.net/site1 for site1
• wordpressp-xxx.azurefd.net/site2 for site2
• wordpressp-xxx.azurefd.net for main

The sites look OK when initially opened. The custom domain is used and site1 path is correctly added by FrontDoor. The problem is that all the links are absolute and use wordpressp-xxx.azurefd.net instead of custom domain.

I tried changing site configuration:

• Site Address (URL)
• siteurl
• home
  but nothing worked so far.

What's the correct setup for this custom domain -> multi-site deployment?

Does Azure install updates to Wordpress Core automatically, or does that fall under customer responsibility?

My assumption would be that it would be customer responsibility, but this statement (from https://github.com/Azure/wordpress-linux-appservice/tree/main) leads me to believe otherwise:

"It also supports virtual networks, and the ability to run in an isolated and dedicated App Service Environment. WordPress updates and patches, threat detection and blocking, and traffic encryption with free SSL certificates are part of what we offer to all of our customers."

This solution is not designed to handle installing Wordpress into a subfolder of Nginx root folder. There are several things which prevent this from working.

TL;DR Proposed fix

1. Change the use of WORDPRESS_HOME so it is either blank and installs Wordpress /home/site/wwwroot or it can be set to a value which is an acceptable subfolder name. (ex: blog)
2. Modify the unison based sync to sync /home/site/wwwroot not WORDPRESS_HOME.

There still must be an .htaccess and an index.php in /home/site/wwwroot.
The path in index.php must also include your subfolder name with a preceding slash:

• No subfolder: require __DIR__ . '/wp-blog-header.php';
• With subfolder require __DIR__ . '/' . $WORDPRESS_HOME . '/wp-blog-header.php';

Full Analysis

Required App Service Secret Knowledge

Here are some things which I assume are coming from App Services, I don't see them in these container definitions or in any public repos.

Unison is syncing WORDPRESS_HOME to HOME_SITE_LOCAL_STG

NOTE: HOME_SITE_LOCAL_STG is /var/www/wordpress

If you run top in your container you will see unison is running to sync files.

unison /home/site/wwwroot /var/www/wordpress -auto -batch -times -copythreshold 1000 -prefer /home/site/wwwroot -repeat watch -ignore Path wp-content/uploads -perms 0 -log=false

Nginx Root is not /home/site/wwwroot

/etc/nginx/conf.d/default.conf in the image repo has root set to /home/site/wwwroot, but /usr/local/bin/nginx_update_post_filesync.sh changes it to HOME_SITE_LOCAL_STG (/var/www/wordpress) when "initial filesync completes".

All of that is OK, and makes sense upon consideration. App Svcs is using the persisted storage to share all the files between the scale-out instances of your container.

How I tried to make this work

Attempt 1: Change the install to /home/site/wwwroot/blog

ISSUE: Unison syncs WORDPRESS_HOME not /home/site/wwwroot to HOME_SITE_LOCAL_STG

I wiped /home/site/wwwroot and /var/www/wordpress, set WORDPRESS_HOME on my App Svc to /home/site/wwwroot/blog and restarted. This installed Wordpress into the right folder. But the Unison job running syncs your files from the new WORDPRESS_HOME back into the root folder of Nginx root (HOME_SITE_LOCAL_STG) not in the subfolder.

In this scenario, the sym link from HOME_SITE_LOCAL_STG/wp-content/uploads is to /home/sire/wwwroot/blog/uploads. It the is correct WORDPRESS_HOME. (see ls -la /var/www/wordpress/wp-content/).

Attempt 2: Move the files post install using startup.sh

Note: This is supported and well documented in the Wordpress.

Additional Info: how to use /home/dev/startup.sh.

In startup.sh I moved Wordpress files from /home/site/wwwroot to /home/site/wwwroot/blog and using sed made config changes in files. On restart, entrypoint.sh looks for WORDPRESS_HOME/wp-config.php and if it doesn't exist it calls setup_wordpress which installs WP and puts all the files back into /home/site/wwwroot. Unison then syncs and now you have wordpress in both /home/site/wwwroot and /home/site/wwwroot/blog.

I tried using touch /home/site/wwwroot/wp-config in startup.sh to fool Entrypoint, but it runs first so its hard to get this to work reliably.

In this scenario, even if the files didn't sync, there is still a link from HOME_SITE_LOCAL_STG/wp-content/uploads to /home/site/wwwroot/wp-content/uploads. I assume this is using WORDPRESS_HOME. (see ls -la /var/www/wordpress/wp-content/) based on it being correct in Attempt #1.

Attempt 3: Do this all manually

In this example I tried to do this all by hand. I ran the all the code from statup.sh by hand.

# Make sure that the blog directory exists
if [ ! -d /home/site/wwwroot/blog ]; then
    mkdir /home/site/wwwroot/blog
fi

# Add the blog subfolder to the wp-config.php file
sed -i "s@define('WP_HOME', \$http_protocol \. \$_SERVER\['HTTP_HOST'\]);@define('WP_HOME', \$http_protocol \. \$_SERVER\['HTTP_HOST'\] . '/blog/');@" /home/site/wwwroot/wp-config.php
sed -i "s@define('WP_SITEURL', \$http_protocol \. \$_SERVER\['HTTP_HOST'\]);@define('WP_SITEURL', \$http_protocol \. \$_SERVER\['HTTP_HOST'\] . '/blog/');@" /home/site/wwwroot/wp-config.php

# Move all the files to the blog subfolder
find /home/site/wwwroot -maxdepth 1 -not \( -name blog -o -name .htaccess -o -name index.php -o -name wwwroot \) -exec mv {} /home/site/wwwroot/blog \;

# Copy .htaccess and index.php to blog directory
cp /home/site/wwwroot/.htaccess /home/site/wwwroot/blog/
cp /home/site/wwwroot/index.php /home/site/wwwroot/blog/

# Modify root index.php to include blog subfolder
sed -i "s@require __DIR__ \. '/wp-blog-header\.php';@require __DIR__ \. '/blog/wp-blog-header.php';@" /home/site/wwwroot/index.php

# create a blank wp-config.php in the root to trick Entrypoint.sh
touch /home/site/wwwroot/wp-config.php

I then used top and watched for unison to finish churning. Closed top and checked /var/www/wordpress looked correct. It did! And the site worked at /blog !!

But there is no symlink at /var/www/wordpress/blog/wp-content for the uploads folder to /home/site/wwwroot/blog/wp-content/uploads/. And the ignore in the unison does not match either so it is being synced which is incorrect.

And when I restarted the Container, the Wordpress install ran again.

Default address range on WordPress on Azure. WordPress on Azure uses 10.0.0.0/16 as a default address range for VNET. this is a huge address range and 99.9% of customer cases they will not be able to integrate it with existing infrastructure. I'd like to raise as a product request. Can we consider a less range as a default one 10.0.0.0/24?

It would be handy to have a guide on how to modify PHP settings like execution time as certain addons want longer periods.

Hi,

It seems that the default values for permissions are not suitable for production , the folders wp-admin, wp-content, wp-includes are all 777.

total 240
drwxrwxrwx  2 nginx nginx  4096 May 12 06:34 conf
-rw-r--r--  1 nginx nginx   405 May 11 12:10 index.php
-rw-r--r--  1 nginx nginx 19915 May 12 04:24 license.txt
-rw-r--r--  1 nginx nginx     0 May 12 04:23 nginx.conf
-rw-r--r--  1 nginx nginx  7402 May 12 04:24 readme.html
-rw-r--r--  1 nginx nginx  7205 May 11 12:10 wp-activate.php
drwxrwxrwx  9 nginx nginx  4096 May 11 12:10 wp-admin
-rw-r--r--  1 nginx nginx   351 May 11 12:10 wp-blog-header.php
-rwxrwxrwx  1 nginx nginx  2338 May 11 12:10 wp-comments-post.php
-rw-r--r--  1 nginx nginx  3013 May 12 04:24 wp-config-sample.php
-rw-rw----  1 nginx nginx  5029 May 12 11:08 wp-config.php
drwxrwxrwx  8 nginx nginx  4096 May 12 12:21 wp-content
-rwxrwxrwx  1 nginx nginx  5536 May 12 04:24 wp-cron.php
drwxrwxrwx 28 nginx nginx 12288 May 12 04:24 wp-includes
-rwxrwxrwx  1 nginx nginx  2502 May 12 04:24 wp-links-opml.php
-rwxrwxrwx  1 nginx nginx  3792 May 12 04:24 wp-load.php
-rwxrwxrwx  1 nginx nginx 49330 May 12 04:24 wp-login.php
-rwxrwxrwx  1 nginx nginx  8541 May 12 04:24 wp-mail.php
-rwxrwxrwx  1 nginx nginx 24993 May 12 04:24 wp-settings.php
-rwxrwxrwx  1 nginx nginx 34350 May 11 12:10 wp-signup.php
-rwxrwxrwx  1 nginx nginx  4889 May 12 04:24 wp-trackback.php
-rwxrwxrwx  1 nginx nginx  3238 May 12 04:24 xmlrpc.php

Is there a script that i can run to set the permissions properly, i tried the following script but it did not work, could be because it is for ubuntu while the current instance running on Alpine Linux.

https://gist.github.com/Adirael/3383404

The email plugin is working great after some wrangling through all the Azure screens. However, my HTML emails from WordPress are getting mangled. Looks like additional < br > tags are getting inserted somewhere along the line. Is there a way around that?

Old app service on windows installations used the semicolon-delimited connection string format for the DB connection string, such as

Database=xxxx;Data Source=xxx.mysql.database.azure.com;User Id=xxx@contoso;Password=xyzzy

Since there is no source code in the repo, I can't tell you what the problem is, but our azure-managed password was starting with a semicolon, so the migration utility's final error said password= (the password was empty).

Once I changed the password to not contain any semicolons, the migration succeeded.

I suspect the migration tool is using string splits on ; and then = to parse the source connection string, but it should have used the same regular expressions used in the wp-config.php files for these template-generated azure instances...

$connectstr_dbhost = preg_replace("/^.*Data Source=(.+?);.*$/", "\\1", $value);
$connectstr_dbname = preg_replace("/^.*Database=(.+?);.*$/", "\\1", $value);
$connectstr_dbusername = preg_replace("/^.*User Id=(.+?);.*$/", "\\1", $value);
$connectstr_dbpassword = preg_replace("/^.*Password=(.+?)$/", "\\1", $value);

Hi, I got the deployment working with front door.

However, when I do the most common practice of changing the home page to a specific page:

The website breaks, with an error too many redirects:

• This problem exists even if I deploy through the manual deployment from the portal.
• This also exists if I deploy on my personal azure tenant as well not just our work tenant.

Which tells me its a problem with the deployment itself (either the container or missing elements on front door)

What can be done to address this?

Hi,

Where can I find the docker source file for the wordpress-alpine-php Docker Image?

• The github repo Azure-App-Service/wordpress-alpine-php haven't been updated for 6 years.
• The docker hub appsvcorg/wordpress-alpine-php image is 2 years old.

Thanks,

Tao

Hi Radhika,

Apologies in the delay raising this ticket.

I have enabled WP Debugging and have a bit more info below.

App Service Configuration is the following :

Name : WP_EMAIL_CONNECTION_STRING
Value : endpoint=https://XXXXXXX.communication.azure.com/;[email protected];accesskey=XXXXXXXXXXXXXXXXXX

Note : I have deliberately changed the access key for this ticket, but I have triple checked it, I have also run a "try email test" in the portal.

Initially this all did work for one day, and if it helps those two test emails where sent on 22nd August 2023 at 5pm

ever since it has stopped working.

Here is the output from the word press debug :

c8f586a9742d:/var/www/html# tail -f /var/log/php-fpm/php-fpm.www.log
[08-Sep-2023 14:23:09 UTC] PHP Warning: Undefined array key "status" in /var/www/wordpress/wp-content/plugins/Azure-Wordpress-on-Linux-App-Service-plugins-main-app_service_email/admin/mailer/class-azure_app_service_email-controller.php on line 163
[08-Sep-2023 14:23:09 UTC] PHP Warning: Undefined array key "status" in /var/www/wordpress/wp-content/plugins/Azure-Wordpress-on-Linux-App-Service-plugins-main-app_service_email/admin/mailer/class-azure_app_service_email-controller.php on line 163
[08-Sep-2023 14:23:09 UTC] PHP Warning: Undefined array key "status" in /var/www/wordpress/wp-content/plugins/Azure-Wordpress-on-Linux-App-Service-plugins-main-app_service_email/admin/mailer/class-azure_app_service_email-controller.php on line 163

Plugin.
App Service Email Plugin enables seamless integration with the Azure Email Communication Service, empowering your WordPress website with the ability to leverage Microsoft Azure's robust infrastructure for email delivery.

Version : 1.0.0

Thanks in advance

Tony

After the 1st WordPress app has been created, MySQL database server, Vnet, CDN, storage account ... also are available. Would it be possible to have another Bicep code to create another WordPress app for joining to the same vnet, using the same CDN, and MySQL database server. Thank you!