Configure WordPress for

The end goal of this guide is to deploy your WordPress app to a project on In many ways, a project is just a collection of tools around a Git repository. A project replicates the branching structure of a repository exactly, but with one important addition: any branch can be activated to become an environment on Activated environments go through’s build and deploy phases, resulting in a fully isolated running site for each activated branch (or pull request) on that repository.

Once an environment is activated, provisions a cluster of containers to deploy your app. The configuration of that cluster is controlled by three YAML files:

  • .platform/routes.yaml controls how incoming requests are routed to your app, or apps in a multi-app setup. It also controls the built-in HTTP cache. If you’re only using the single default route, you don’t need this file.
  • .platform/services.yaml controls what additional services are created to support your app, such as databases or search servers. Each environment has its own independent copy of each service. If you’re not using any services, you don’t need this file.
  • controls the configuration of the container where your app lives. It’s the most powerful configuration file with the most options. So it can get somewhat long depending on your configuration.

Each project on needs at least the last file and each file can be customized however you need. But most WordPress sites have a fairly similar configuration, at least to start.

You can start by creating empty versions of each of these files in your repository:

# Create empty configuration files
touch && mkdir -p .platform && touch .platform/routes.yaml

Now that you’ve added these files to your project, you can go through and configure each of them for WordPress one by one in the sections below. Each section covers a particular configuration file, defines what each attribute configures, and then shows a final code snippet that includes the recommended configuration for WordPress pulled from its template. Within that snippet, be sure to read each of the comments as they provide additional information and reasoning for why WordPress requires those values.

Requests configuration: routes.yaml 

The routes.yaml file controls the routing and caching for all HTTP requests sent to your app. Typically you just route all incoming requests to your one app container, where your site lives, but many more elaborate configurations are possible.

The two most important parts to configure are the main route itself and its caching rules. A route can have a placeholder of {default}, which is replaced with a branch-specific generated domain name or, in production, your configured domain name.

The route then has an upstream, which is the name of the container that it should forward requests to. Most of the time, you want your app’s name.

You can (and should) enable the HTTP cache. The router includes a basic HTTP cache that obeys the HTTP cache headers produced by your app. However, by default HTTP caches includes all cookies in the cache key. So if you have any cookies at all, you can’t cache the site. The cookies key allows you to select which cookies should matter for the cache Generally, you just want the user session cookie, which is included in the example for WordPress. You may need to add other cookies depending on what additional modules you have installed.

Routes can also be HTTP redirects, either fully or partially. In the following example, all requests to www.{default} are redirected to the equivalent URL without www. You could configure it the other way around if you want. More complex redirects are also possible.

Don’t worry about unencrypted HTTP routes. All requests on are TLS-enabled and HTTP requests are automatically redirected to HTTPS.

If you don’t include a routes.yaml file, a single default route is deployed. This is equivalent to the following:

  type: upstream
  upstream: <APP_NAME>:http

Where <APP_NAME> is the name you’ve defined in your app configuration.

You can also create other routes as you like:

# The routes of the project.
# Each route describes how an incoming URL is going
# to be processed by

    type: upstream
    upstream: "app:http"
        enabled: true
        # Base the cache on the session cookies. Ignore all other cookies.
            - '/^wordpress_logged_in_/'
            - '/^wordpress_sec_/'
            - 'wordpress_test_cookie'
            - '/^wp-settings-/'
            - '/^wp-postpass/'
            - '/^wp-resetpass-/'

    type: redirect
    to: "https://{default}/"

Service configuration: services.yaml 

The services.yaml file lists the pre-packaged services you need for your application to run. You pick the major version of the service and updates the patch version periodically so that you always get the newest version when you deploy.

We recommend the latest MariaDB version for WordPress.

You can add other services if desired, such as Solr or Elasticsearch. You need to configure to use those services once they’re enabled.

Each service entry has a name (db in the example below) as well as a type that specifies the service and version to use. Note that not all services support clean version upgrades, and none support downgrades. If you want to try upgrading a service, confirm on its service page that it’s supported and test on a branch before pushing to your production branch.

If a service stores persistent data, then it also has a disk key, which specifies the amount of storage to give it, in MB.

# The services of the project.
# Each service listed will be deployed
# to power your project.

    type: mariadb:10.4
    disk: 2048

Application container: 

The file is the heart of your configuration. It has an extensive set of options that allow you to configure nearly any aspect of your app. Most of it is explained with comments inline. This file changes over time as you build out your site.

Notice that the build flavor is set to composer, which will automatically download WordPress core, as well as your plugins, themes, and dependencies during the build step as defined in your composer.json file. Since WordPress’s caching and uploads require write access at runtime, they’ve been given corresponding mounts defined for them at the bottom of the file. MariaDB is accessible to WordPress internally at database.internal thanks to the relationship definition database. The WordPress CLI is added as a build dependency, but we will still need to add some additional dependencies in the next step so that it can be used by the application and via SSH.

# This file describes an application. You can have multiple applications
# in the same project.

# The name of this app. Must be unique within a project.
name: app

# The runtime the application uses.
type: "php:7.4"

# Configuration of the build of the application.
    flavor: composer

        composer/composer: '^2'
        wp-cli/wp-cli-bundle: "^2.4.0"

    build: |
        set -e
        # Copy manually-provided plugins into the plugins directory.
        # This allows manually-provided and composer-provided plugins to coexist.
        rsync -a plugins/* wordpress/wp-content/plugins/        

# The relationships of the application with services or other applications.
# The left-hand side is the name of the relationship as it will be exposed
# to the application in the PLATFORM_RELATIONSHIPS variable. The right-hand
# side is in the form `<service name>:<endpoint name>`.
    database: "db:mysql"

# The configuration of app when it is exposed to the web.
            # The public directory of the app, relative to its root.
            root: "wordpress"
            # The front-controller script to send non-static requests to.
            passthru: "/index.php"
            # Wordpress has multiple roots (wp-admin) so the following is required
                - "index.php"
            # The number of seconds whitelisted (static) content should be cached.
            expires: 600
            scripts: true
            allow: true
                    allow: false
                    allow: false
                    allow: false
            root: "wordpress/wp-content/cache"
            scripts: false
            allow: false
            root: "wordpress/wp-content/uploads"
            scripts: false
            allow: false
                # Allow access to common static files.
                    allow: true
                    expires: 1w

# The size of the persistent disk of the application (in MB).
disk: 2048

# The mounts that will be performed when the package is deployed.
        source: local
        source_path: "cache"
        source: local
        source_path: "uploads"

      command: |
                curl -fsS | { bash /dev/fd/3 sop-autoupdate; } 3<&0