🚀 MCP WordPress Server

The Most Comprehensive WordPress MCP Server

Manage WordPress sites with natural language through AI tools like Claude Desktop

Quick Start • Features • Installation • Documentation • Examples

Transform WordPress management from complex admin panels to simple conversations:

❌ Before: Login → Admin Panel → Navigate → Click → Fill Forms → Save
✅ After:  "Create a new blog post about AI trends with SEO optimization"

Key Advantages:

• 🏆 Most Complete: 59 tools vs 20-30 in alternatives
• ⚡ Fastest Setup: 2-click Claude Desktop installation via DXT
• 🔒 Production Ready: 207 tests, security audited, battle-tested
• 🎯 TypeScript Native: 100% type safety, best-in-class developer experience
• 🌐 Multi-Site: Manage unlimited WordPress sites from one place

Get up and running in under 5 minutes:

• WordPress: Version 5.6+ with REST API enabled
• Claude Desktop: Latest version installed
• Application Password: Generated from WordPress admin panel

1️⃣ Generate WordPress Application Password

WordPress Admin → Users → Profile → Application Passwords → Add New

2️⃣ Install MCP Server (Choose One)

Option A: DXT Extension (Easiest)

# Download and install in Claude Desktop
curl -L https://github.com/docdyhr/mcp-wordpress/raw/main/mcp-wordpress.dxt -o mcp-wordpress.dxt
# Then: Claude Desktop → Extensions → Install → Select DXT file

Option B: NPM Global Install

npm install -g mcp-wordpress

3️⃣ Test Your Connection

In Claude: "Test my WordPress connection"
Response: "✅ Authentication successful! Connected to: Your Site Name"

📺 Watch 2-minute Setup Video | 📖 Detailed Setup Guide

Easiest installation - just 2 clicks!

1. Download: mcp-wordpress.dxt (2.6MB)
2. Install: Claude Desktop → Extensions → Install → Select DXT file
3. Configure: Enter your WordPress site URL and credentials

✅ Zero command line required
✅ Automatic updates
✅ Built-in security

📖 Complete DXT Setup Guide →

# Run directly - always latest version
npx -y mcp-wordpress

# Interactive setup wizard
npm run setup

# Install via Smithery (MCP package manager)
smithery install mcp-wordpress

# Configure and start
smithery configure mcp-wordpress

✅ Package management
✅ Version control
✅ Easy updates

To install mcp-wordpress for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @docdyhr/mcp-wordpress --client claude

• 💻 NPM Setup - Local development
• 🐳 Docker Setup - Production deployment
• 📦 Smithery Setup - MCP package manager (detailed guide)
• 🔧 Manual Build - Custom builds

• 59 WordPress Tools across 10 categories
• Multi-Site Support - Manage unlimited WordPress installations
• Flexible Authentication - App Passwords, JWT, Basic Auth, API Key
• Real-Time Sync - Instant updates across all connected tools

• ⚡ Intelligent Caching - 50-70% performance improvement
• 📊 Real-Time Monitoring - Performance metrics and optimization insights
• 🔒 Production Ready - Security-reviewed, 95%+ test coverage
• 🔄 Zero Downtime - Graceful error handling and automatic recovery

• 100% TypeScript - Complete type safety and IntelliSense
• 🐳 Docker Support - Production-ready containerization
• 📚 Auto-Generated Docs - API documentation with live examples
• 🔧 Extensible - Custom tool development framework

Perfect for agencies and developers managing multiple WordPress sites:

{
  "sites": [
    {
      "id": "main-site",
      "name": "Main WordPress Site",
      "config": {
        "WORDPRESS_SITE_URL": "https://site1.com",
        "WORDPRESS_USERNAME": "admin",
        "WORDPRESS_APP_PASSWORD": "xxxx xxxx xxxx xxxx xxxx xxxx"
      }
    },
    {
      "id": "client-blog",
      "name": "Client Blog",
      "config": {
        "WORDPRESS_SITE_URL": "https://client-blog.com",
        "WORDPRESS_USERNAME": "editor",
        "WORDPRESS_APP_PASSWORD": "yyyy yyyy yyyy yyyy yyyy yyyy"
      }
    }
  ]
}

Use with site parameter: wp_list_posts --site="main-site"

📖 Complete Multi-Site Setup Guide

1. WordPress Admin → Users → Profile
2. Scroll to Application Passwords
3. Enter name: "MCP WordPress Server"
4. Click Add New Application Password
5. Copy the generated password

• JWT Authentication - With JWT plugin
• Basic Authentication - Username/password (dev only)
• API Key Authentication - With API Key plugin

📖 Complete Authentication Guide

• 📝 Posts (6 tools) - Create, edit, delete, list posts and revisions
• 📄 Pages (6 tools) - Manage static pages and revisions
• 🖼️ Media (6 tools) - Upload, manage media library and files

• 👥 Users (6 tools) - User management and profiles
• 💬 Comments (7 tools) - Comment moderation and management
• 🏷️ Taxonomies (10 tools) - Categories and tags management

• ⚙️ Site Settings (7 tools) - Site configuration and statistics
• 🔐 Authentication (6 tools) - Auth testing and management
• ⚡ Cache Management (4 tools) - Performance caching control
• 📊 Performance Monitoring (6 tools) - Real-time metrics and optimization

📖 Complete Tool Documentation | Live API Reference

Content Creation & Management:

💬 "Analyze my top 10 blog posts and create a new post about emerging trends"
💬 "Upload these 5 images and create a photo gallery page with SEO optimization"
💬 "Review all pending comments and approve the legitimate ones"

Site Management & Analytics:

💬 "Check my WordPress site performance and provide optimization recommendations"
💬 "Create a new user account for my freelance writer with editor permissions"
💬 "Backup my site settings and show me cache performance statistics"

Bulk Operations:

💬 "Update all posts from 2023 to include my new author bio"
💬 "Find all images over 1MB and suggest compression strategies"
💬 "List all users who haven't logged in for 6 months"

No configuration needed - built-in secure credential management!

{
  "mcpServers": {
    "mcp-wordpress": {
      "command": "npx",
      "args": ["-y", "mcp-wordpress"],
      "env": {
        "WORDPRESS_SITE_URL": "https://your-site.com",
        "WORDPRESS_USERNAME": "your-username",
        "WORDPRESS_APP_PASSWORD": "your-app-password"
      }
    }
  }
}

📖 Complete Integration Guide

Create and Publish a Blog Post

You: "Create a new blog post titled 'AI Revolution in 2024' with content about recent AI breakthroughs"
Claude: "I'll create that blog post for you..."
Result: ✅ Post "AI Revolution in 2024" created successfully (ID: 123)

Media Management

You: "Upload the image at /path/to/image.jpg and set it as featured image for post 123"
Claude: "I'll upload that image and set it as the featured image..."
Result: ✅ Image uploaded (ID: 456) and set as featured image

SEO-Optimized Content Creation

You: "Create an SEO-optimized blog post about 'WordPress Security Best Practices' with:
     - Focus keyword: 'WordPress security'
     - Meta description
     - Proper heading structure
     - At least 1500 words"
     
Claude: "I'll create a comprehensive SEO-optimized post on WordPress security..."

Bulk Operations

You: "Find all draft posts older than 30 days and provide a summary"
You: "Update all posts in category 'News' to include a disclaimer at the end"
You: "Delete all spam comments from the last week"

Performance Monitoring

You: "Analyze my site's performance and suggest optimizations"
Claude: "Let me check your site's performance metrics...
         - Cache hit rate: 67%
         - Average response time: 245ms
         - Recommendations: Enable object caching, optimize images..."

User Management

You: "Create a new editor account for john@example.com with a secure password"
You: "List all users who haven't logged in for 90 days"
You: "Update Sarah's role from Author to Editor"

Working with Multiple Sites

You: "List all posts from my client-blog site"
Claude: "I'll list the posts from the client-blog site..."

You: "Compare traffic between main-site and client-blog"
Claude: "Here's a comparison of both sites..."

📖 More Examples | Use Case Library

• Main Test Suite: 207/207 passed (100%)
• Security Tests: 40/40 passed (100%)
• Performance Tests: 8/8 passed (100%)
• CI/CD Pipeline: Fully functional

# Check connection status
npm run status

# Run full test suite
npm test

# Quick validation
npm run test:fast

Our security posture is continuously monitored through automated testing and vulnerability scanning:

• 🛡️ Input Sanitization: All user inputs are validated and sanitized
• 🔐 Authentication Security: Multi-method auth with bypass prevention
• ⚡ Rate Limiting: Built-in protection against abuse and DoS attacks
• 🔍 Vulnerability Scanning: Daily automated security scans
• 📊 Real-time Monitoring: Continuous security status updates
• 🚨 Automated Alerts: Immediate notification of security issues

# Run comprehensive security tests
npm run test:security

# Run penetration testing suite
npm run test:security:validation

# Security vulnerability audit
npm audit

# Full security validation
npm run security:full

• OWASP Top 10: Complete protection against common vulnerabilities
• CVE Monitoring: Automated scanning for known vulnerabilities
• Security Headers: Proper HTTP security headers implementation
• Data Protection: Sensitive credential redaction and secure storage
• Access Control: Role-based permissions and authentication validation

📖 Complete Security Documentation | Security Test Results

1. "Cannot connect to WordPress"

   • Verify WORDPRESS_SITE_URL
   • Test REST API: curl https://your-site.com/wp-json/wp/v2/

2. "Authentication failed"

   • Check username and application password
   • Ensure Application Passwords are enabled
   • Run npm run setup to reconfigure

3. "Tools not appearing in Claude"

   • Restart Claude Desktop after configuration
   • Check Claude Desktop config file format

# Debug mode
DEBUG=true npm run dev

# Connection test
npm run status

# Re-run setup wizard
npm run setup

• Quick Start Guide - Get running in 5 minutes
• Installation Guide - Detailed setup instructions
• Configuration Guide - All configuration options
• Authentication Setup - WordPress auth methods

• Basic Usage - Common tasks and workflows
• Advanced Workflows - Complex automation
• Multi-Site Management - Managing multiple sites
• Troubleshooting - Common issues and solutions

• Claude Desktop - Complete Claude integration
• VS Code - VS Code extension setup
• Cline - Cline AI assistant integration
• Custom Clients - Build your own MCP client

• API Reference - Complete tool documentation
• Architecture - System design and decisions
• Contributing - Development guidelines
• Plugin Development - Extend functionality

• Docker Deployment - Container deployment
• Security Best Practices - Production security
• Performance Tuning - Optimization guide
• Monitoring - Logging and metrics

• WordPress 5.0+ with REST API enabled
• HTTPS recommended for production
• User with appropriate permissions
• Application Passwords enabled (WordPress 5.6+)

# Global installation
npm install -g mcp-wordpress

# Direct usage (recommended)
npx -y mcp-wordpress

# Latest version
docker pull docdyhr/mcp-wordpress:latest

# Specific version
docker pull docdyhr/mcp-wordpress:1.3.1

• NPM: mcp-wordpress
• Docker Hub: docdyhr/mcp-wordpress
• GitHub: Latest releases

Ready to transform your WordPress management?

1. 🏆 Download DXT Extension - Easiest setup (2 minutes)
2. ⚡ Try NPX Method - Power user setup (5 minutes)
3. 📚 Explore All Tools - See what's possible
4. 💬 Join Discussions - Get help and share ideas

Special thanks to Stephan Ferraro for the upstream project that inspired this implementation.