This article is part of a series created in partnership with SiteGround. Thank you for supporting the partners who make SitePoint possible.
Version control is an integral part of the web development workflow, and it is no less necessary with WordPress sites. However, getting a WordPress site set up with version control, or more specifically, with Git, can be challenging in several ways. Knowing what to commit to your Git repositories and what to ignore can be challenging. Syncing database changes can be similarly so. And WordPress, with its ease of updates and additions straight to live sites, makes it incredibly easy to update the live site directly, disrupting the version control process.
Below are a few options for using Git with WordPress, some information about VersionPress, the well known Git plugin, as well as a brief mention of hosting-based Git implementations.
Using Git with WordPress
Using Git with WordPress can be a challenge. Here are a few tips that can get you going the right direction (note that these tips are assuming you already have a basic familiarity with Git):
Regarding your database connection, you should do one of two things: Either use the same exact database name and credentials in development, staging, and production environments, so that there is no difference in your wp-config.phpdatabase connection info, or else .gitignore your wp-config.php entirely so that it doesn’t get overwritten with the info from your local development environment.
Speaking of things to ignore, you should also probably .gitignore your uploads directory. It’s unnecessary to be syncing uploads, and uploads are the one thing that may be added to the production file system only, so no need to cause unnecessary sync problems!
Disabling certain abilities within WordPress can be useful as well.
- Disable automatic updates by adding define( ‘AUTOMATIC_UPDATER_DISABLED’, true ); to wp-config.php. This will stop the automatic updates from occurring altogether on the productions site.
- Disable the admin panel’s file editor by adding define( ‘DISALLOW_FILE_EDIT’, true ); to prevent it from being used to modify theme code and other files on the production site.
- Or, stop themes, plugins, etc from being modified or added at all (rendering the previous wp-config.php suggestions unnecessary) on production with define( ‘DISALLOW_FILE_MODS’, true );. This ensures that all updates are first done in a development or staging environment, and then pushed manually to the live site.
- Note that usage of any of these restrictions should be coupled with creating a process to ensure that updates are regularly performed. Automatic updates exist for a reason, and if you don’t ensure your sites are up to date, you’re making them less vulnerable from one type of risk and more to another.
Backups created manually or by plugins should be stored somewhere outside of the Git repository (preferably to an offsite or cloud backup).