Videos and audios can't be displayed, only happening in Azure. Error info is "Media error: Format(s) not supported or source(s) not found. Download file :https:......". But the link resource can't be found too.

The version of PHP installed on the remote host is prior to 7.4.33. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 7.4.33 advisory.

• The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties.
  This occurs in the sponge function interface. (CVE-2022-37454)

The standard deployment creates a Azure MySql server with SSL off and a firewall rule of Allow 0.0.0.0
For the DB FW rule it might be a problem to provide the actual IPs of the WebApp at deployment time, but please use the setting "Allow all Azure services" instead of 0.0.0.0 - since this is much more restrictive, but will still allow access to the DB from the WebApp.
Regarding SSL - this seems to be a general Wordpress issue, there is no standard/parameter way of enabling SSL in the WP config to the DB? If it is possible, please make SSL default in this scenario and set the DB deployment parameter for SSL only. When hosting outside your private network, I think this is an important feature.
If for some obscure reason WP cannot support SSL to DB, then the deployement should use Azure spesific tools like delegation to a vnet to provide atleast a private network.

We created an Azure Wordpress using this GIT. The deployment created 3 things:

1. App Plan
2. App Service
3. Azure Database for MYSQL

Everything is going well, however, we were trying to create a deployment slot. When we created the slot, we select "Clone configuration" from the original app.

Slot was published and ready, however it has nothing, it simply saying welcome to your App service app, etc.

My questions are:

1. Does the deployment slot share the database?
2. Is deployment slot an option for WordPress on Azure?
3. Note - When i ftp to the slot, i am unable to see any content copied.

Thank you in advance.

Hi,

I'm going to deploy new Wordpress On Azure Web Application.
Please what's the way to change the default version to a other old release ?

Thx in advance.

Hi there I need to configure post_max_size and max_execution_time in the Azure server.

When attempting to enable Wordpress Network Install aka Multisite I get a database corruption error. When adding repair allow to wp-config.php wordpress is unable to repair database.

What would be required to allow this install to support network/multisite?

• Network/Multisite Explanation & Instructions

wp-config.php

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

//Using environment variables for DB connection information

$connectstr_dbhost = '';
$connectstr_dbname = '';
$connectstr_dbusername = '';
$connectstr_dbpassword = '';

foreach ($_SERVER as $key => $value) {
    if (strpos($key, "MYSQLCONNSTR_") !== 0) {
        continue;
    }
    
    $connectstr_dbhost = preg_replace("/^.*Data Source=(.+?);.*$/", "\\1", $value);
    $connectstr_dbname = preg_replace("/^.*Database=(.+?);.*$/", "\\1", $value);
    $connectstr_dbusername = preg_replace("/^.*User Id=(.+?);.*$/", "\\1", $value);
    $connectstr_dbpassword = preg_replace("/^.*Password=(.+?)$/", "\\1", $value);
}

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', $connectstr_dbname);

/** MySQL database username */
define('DB_USER', $connectstr_dbusername);

/** MySQL database password */
define('DB_PASSWORD', $connectstr_dbpassword);

/** MySQL hostname */
define('DB_HOST', $connectstr_dbhost);

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');


/* Security for Wordpress : 
you may wish to disable the plugin or theme editor to prevent overzealous users from being able to edit sensitive files and 
potentially crash the site. Disabling these also provides an additional layer of security if a hacker gains access to a 
well-privileged user account.
Note : If your plugin or theme you use with your app requires editing of the files , comment the line below for 'DISALLOW_FILE_EDIT'
*/
define('DISALLOW_FILE_EDIT', true);


/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

define('WP_ALLOW_REPAIR', true);

define( 'WP_ALLOW_MULTISITE', true );
define('SUBDOMAIN_INSTALL', false);
define('DOMAIN_CURRENT_SITE', '$SITENAME');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);


//Relative URLs for swapping across app service deployment slots 
define('WP_HOME', 'http://'. filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));
define('WP_SITEURL', 'http://'. filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));
define('WP_CONTENT_URL', '/wp-content');
define('DOMAIN_CURRENT_SITE', filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));


/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

web.config

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="WordPress Rule 1" stopProcessing="true">
                    <match url="^index\.php$" ignoreCase="false" />
                    <action type="None" />
                </rule>
                <rule name="WordPress Rule 2" stopProcessing="true">
                    <match url="^([_0-9a-zA-Z-]+/)?wp-admin$" ignoreCase="false" />
                    <action type="Redirect" url="{R:1}wp-admin/" redirectType="Permanent" />
                </rule>
                <rule name="WordPress Rule 3" stopProcessing="true">
                    <match url="^" ignoreCase="false" />
                    <conditions logicalGrouping="MatchAny">
                        <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" />
                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" />
                    </conditions>
                    <action type="None" />
                </rule>
                <rule name="WordPress Rule 4" stopProcessing="true">
                    <match url="^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)" ignoreCase="false" />
                    <action type="Rewrite" url="{R:1}" />
                </rule>
                <rule name="WordPress Rule 5" stopProcessing="true">
                    <match url="^([_0-9a-zA-Z-]+/)?([_0-9a-zA-Z-]+/)?(.*\.php)$" ignoreCase="false" />
                    <action type="Rewrite" url="{R:2}" />
                </rule>
                <rule name="WordPress Rule 6" stopProcessing="true">
                    <match url="." ignoreCase="false" />
                    <action type="Rewrite" url="index.php" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

Here are issues which I am facing (issue from Chrome console):

JQMIGRATE: Migrate is installed, version 1.4.1 2(index):657 GET http://naszekotowice.org/wp-content/themes/typo/design/fonts/oswald/oswald-regular.woff net::ERR_ABORTED 404 (Not Found) (index):202 GET http://naszekotowice.org/design/img/ico/ico_gplus_dark.png 404 (Not Found) (index):399 Uncaught ReferenceError: ait is not defined at (index):399 at dispatch (jquery.js?ver=1.12.4:3) at r.handle (jquery.js?ver=1.12.4:3)

ClearDB option.
As far as I can tell it's got all the right connection strings. I'm able to authenticate with all of the env values remotely

The running version is 5.2 and WordPress current version is 5.7+.

This repo is still updating?

@SunBuild, where to find a sample from your video Staged WordPress Deployments on Azure with Sunitha Muthukrishna?

In particular a config data selection is interesting

Hi guys,

I noticed in the template there a "repoUrl" parameter, but we can't figure out where this comes from. Clicking on the deploy button brings us to the deploy screen but we aren't prompted for the repoUrl.

We're assuming this url points to the wordpress source files that get deployed into the Webapp.

When upgrading to PHP 7.1 the instance breaks and returns
"The page cannot be displayed because an internal server error has occurred."

Reverting back to 7.0 fixes it.

Currently playing around with "Wordpress on Linux" in Azure. I was wondering how we can increase the maximum filesize of media uploads. Currently it's limited to 2MB. I've tried several methods to increase the maximum upload size via post_max_size, upload_max_filesize and memory_limit in:

• php.ini
• user.ini
• functions.php

Anybody can help me out with this issue?

Enabled Multiste and got it woking. I can create additional sites on same wordpress, and sites show correctly, but can't edit them because I can not access the dashboard. When going to https://wordpress-caroltech-mx.azurewebsites.net/test1/wp-admin/ I get the following error: "The resource you are looking for has been removed, had its name changed, or is temporarily unavailable."

Can access https://wordpress-caroltech-mx.azurewebsites.net/test1/
but cannot access https://wordpress-caroltech-mx.azurewebsites.net/test1/wp-admin/

Any suggestions to get this fixed?

I'm trying this:

define('WP_CONTENT_URL', 'http://' . getenv('HTTP_HOST') . '/wp-content');

But wp-content is still always defaulting to the app service URL. Is there something else in the custom codebase that prevents it from honoring the config setting?

There is no environment variable associated to the use of SSL in MySQL connection.

Up to date the solution is to edit wp-config.php and add the line:

define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL);


Unable to open this page "https://deploy.azure.com/?repository=https://github.com/Dushyantsingh-ds/wordpress-azure"
Error : "This site can’t be reached"

I'm wondering why this has to be in the config file?

Especially I'm wondering about the

The normal is define( ‘WP_CONTENT_URL’, get_option(‘siteurl’) . ‘/wp-content’);

Hello! I just installed this image on a new Azure App Service and was configuring it for multiple sites.

It works great for my root site. I can add a second site, but unable to access it at all.

Here are my steps:

1. Create a new App Service in Azure (linux)
2. Login to the site to ensure it works.
3. Open FTP cline and add define('WP_ALLOW_MULTISITE', true); to the wp-config.php.
4. Restart App Service
5. Log back into the site and go to tools -> Network Setup & follow the instructions
6. Added these lines to my wp-config.php:

define( 'MULTISITE', true );
define( 'SUBDOMAIN_INSTALL', false );
define( 'DOMAIN_CURRENT_SITE', 'mytempsite.azurewebsites.net' );
define( 'PATH_CURRENT_SITE', '/' );
define( 'SITE_ID_CURRENT_SITE', 1 );
define( 'BLOG_ID_CURRENT_SITE', 1 );

(above the comment "/* That's all, stop editing! Happy blogging. */")
Note: this was the directory multisite and not the subdomain multisite.
7. Restart App Service again
8. Log in
9. The Network is setup and the second site is available (see below)

10. Clicking on the second site results in the following error:
    

What I've Tried:

1. Looking into the Network setup, WordPress has detected an nginx config. However, when I ssh into the machine then run service nginx status I get:

• status: stopped

2. Tried starting the nginx config but I get the following output:

 * Starting nginx ...
2023/01/18 21:42:01 [emerg] 19674#19674: bind() to 0.0.0.0:80 failed (98: Address in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
2023/01/18 21:42:01 [emerg] 19674#19674: bind() to 0.0.0.0:80 failed (98: Address in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
2023/01/18 21:42:01 [emerg] 19674#19674: bind() to 0.0.0.0:80 failed (98: Address in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
2023/01/18 21:42:01 [emerg] 19674#19674: bind() to 0.0.0.0:80 failed (98: Address in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
2023/01/18 21:42:01 [emerg] 19674#19674: bind() to 0.0.0.0:80 failed (98: Address in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
2023/01/18 21:42:01 [emerg] 19674#19674: still could not bind()
nginx: [emerg] still could not bind()
 * start-stop-daemon: failed to start `/usr/sbin/nginx'
 * Failed to start nginx                                                                                                                                                                              [ !! ]
 * ERROR: nginx failed to start

Unsure how to proceed or what to try next.

Linking issue in another repo : https://github.com/Azure/app-service-quickstart-docker-images/issues/359

I have tried to install the WordPress gallery application twice using two different SQL types, MySQL In App and the Azure Database for MySQL (Preview), but with both basic installations, I'm unable to edit the URLs for my site. I want to update them to be my custom domain, but the boxes are grayed out.

I can edit them in the wp-config.php file instead, but I'd prefer to not do that.

The current version in azuredeploy.json is v7.2 for PHP. This results in a warning in the wordpress dashboard:

PHP is the programming language we use to build and maintain WordPress. Newer versions of PHP are both faster and more secure, so updating will have a positive effect on your site’s performance.

I suggest updating this value to 7.4.

Also, can anyone instruct me in how to update the version of PHP in the app service that I have already deployed?

Ref: https://wpvulndb.com/vulnerabilities/8807

Deploying through the Portal, it the deployment fails with Microsoft.Web/sites/sourcecontrols/write failing with failed Fetch from https://github.com/azureappserviceoss/wordpress-azure.

OPERATION NAME
Microsoft.Web/sites/sourcecontrols/write
OPERATION ID
D50066C62D430E5F
TRACKING ID
c0673565-e5e1-40ea-a714-5ca101c3e4b3
STATUS
Conflict
PROVISIONING STATE
Failed
TIMESTAMP
10/8/2017, 4:36:49 PM
TYPE
Microsoft.Web/sites/sourcecontrols
STATUSMESSAGE
{
  "status": "Failed",
  "error": {
    "code": "ResourceDeploymentFailure",
    "message": "The resource operation completed with terminal provisioning state 'Failed'."
  }
}

STATUS 
Failed
TRIGGERED BY 
GitHub
AUTHOR 
N/A
RAN FOR 
61 seconds
REASON 
Fetch from https://github.com/azureappserviceoss/wordpress-azure

"An unknown error has occurred. Check the diagnostic log for details."

Hi all,

I am using this repository as a deployment source in Azure App Services.

If I add plugins to my wordpress installation, and therefore files are added to the wp-content/plugins folder, will those changes be blown away each time I "Sync" this repository back to my app service?

I am using Wordpress as an example because remote files are uploaded often to the App outside of source control as compared to a JS app. How is this scenario handled in Azure App Service sync or CI?

Update wordpress or tell me how to add my own git repo containing wordpress to use it with azure. If anyone know please help me

Hi there,

Just reading this How-To guide: https://docs.microsoft.com/en-us/azure/app-service/web-sites-php-configure

I have a wordpress+mysql deployed in Azure App Service and tried to set the runtime as PHP 7.x

Now my site is unreachable and keeps getting 500 error even after I set the php-cgi handler, whatever the version, even if I changed back to .Net 4.7.

`

Is there any other guide I can check to change the wordpress deployment to use PHP stack?

Thanks.

When I restaring or stoping apllication

Deleting all contents

I get this error loading fonts for my theme:

Access to font at 'https://(example).azurewebsites.net/wp-content/themes/wpex-chic/fonts/fontawesome-webfont.woff2?v=4.3.0' from origin 'http://(example).eastus.cloudapp.azure.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

How can I set the CORS policy for my app to allow fonts from other domains?

When deploying a new Wordpress on Linux through the Azure portal deployment fails with a conflict error: Parameter with name DATABASE_HOST already exists

To replicate Create a New Wordpress on Linux App in Azure Portal and go with the default settings, after a short while it fails with the above error.

Just deployed to Azure and seeing everything coming from https://mydomain.com/wp-content/* getting 404 error.

//for multiple slots
define('WP_HOME', 'https://'. filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));
define('WP_SITEURL', 'https://'. filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));
define('WP_CONTENT_URL', '/wp-content');
define('DOMAIN_CURRENT_SITE', filter_input(INPUT_SERVER, 'HTTP_HOST', FILTER_SANITIZE_STRING));

or
//for a single app service
define('WP_HOME','https://yourdomain.com');
define('WP_SITEURL','https://yourdomain.com');