aaPanel Docs

Appearance

WP Toolkit -- Local Manage

WP Toolkit is a tool dedicated to managing WordPress websites

Local Manage Overview

alt text

FunctionDescribe
The domain name bound to the site. Click the site name of the current site to configure and modify the current site.
StatusDisplays the running status of the current website. Click the running status of the current site to disable the current site.
Back upDisplays the backup status of the current site, click the current site backup status, can View, Restore, Download and Backup the current site file contains the database backup file of the current site.
Document Root
Displays the current site directory path, click the current site directory, it will directly jump to the current directory of Files management.
CacheTurn on/off Cache to cache site files to improve access speed. Currently only nginx is supported. If you don't use nginx, you can use the WordPress plugin WP Super Cache.
Automatically checks the current site for security vulnerabilities
WP SettingDisplays the WordPress version number of the current site. You can Clone the current site, manage Plugin, Theme, use Tamper-proof for Enterprise Protection, Integrity check or Reinstall the current site.
PHPDisplays the PHP version number of the current site, click to change the PHP version number of the current site
SSLDisplays the SSL status of the current site, click to bind SSL to the current site
LoginLogin to the current site
ModifySet the configuration of the current site
DeleteDelete current site

Site name or Modify

When clicking Site name or Modify, can modify the site configuration, SSL, log, etc.

  • Domain Manager: Add, delete domain/IP alt text
  • Wordpress Setting

    1. Base setup

      FunctionDescribe
      Login URLDisplays the URL of the management background login page of the current site. Click it to open it.
      StatusDisplays the WordPress version of the current site. If there is a new version, you can click Update to update it.
      CacheTurn on/off, clear the cache of the current site, currently only supports nginx.
      User nameDisplay the account of the current site administrator
      Reset passwordReset the current site administrator password. Leave it blank if no reset is required.
      Email addressDisplays the email address of the current site administrator
      Website Language
      		Displays the language of the current site, you can select a language supported by WordPress
      WPS-Hide-Login
      		Use WPS-Hide-Login to hide the management background login page. After setting, you need to use the changed management background login link.

      alt text

    2. Plugin: To manage the Plugin of the current site, can Install, Active, Uninstall, and auto update Plugin. alt text

    3. Theme: To manage the Theme of the current site, can Install, Active, Uninstall, and auto update Theme. Note that only one Theme can be activated. alt text

  • Security
    1. Limit access: Specifying the site directory requires an account and password alt text
    2. Deny access: Disable access to files in the specified directory of the site alt text
    3. Hotlink Protection: Only the specified domain name can be used to access the resources of the current site. If it is not the specified domain name, an error will be returned. alt text
  • Config

  1. Site directory

    alt text

    FunctionDescribe
    Site directorySet the deployment directory of the current website
    Running directorySpecify the secondary directory as the running directory
    Anti-XSS attackAnti-cross-site attack (open_basedir), prevent hackers from conducting intrusion attacks through other site directories, that is, add and delete .user.ini file
    Write access log
    		Turn on/off the log of the current site and add access logs
    Password access
    		Turn on/off account and password access to the entire current site

  2. Config file: View and modify the configuration of the current site.

Note that if there is a # comment, please do not delete or modify it.

alt text

  1. URL rewrite: create or use an existing template. Through conversion, you can convert dynamic web pages into static pages to enhance the friendliness of the search engine

If replace Apache with Nginx, you need to reset the URL rewrite to the Nginx configuration.

alt text

  1. Redirect: Set the current site's specified domain name or directory 301/302 jump specified address alt text
  2. Reverse proxy: Set the current website proxy to access resources of other sites alt text
  3. Traffic control: Limit traffic control for the current site alt text
  • SSL

    1. Curr, other Certs: View, disable, save (enable) the SSL certificate of the current site, or paste the SSL certificate content settings alt text

    2. Business Certificate: aaPanel commercial certificates for cooperation with SSL providers

      If purchased Business Certificate, can check out this tutorial on how to verify it:

      alt text

    3. Let's Encrypt:

      • File verification: Let's Encrypt servers verify domain ownership by accessing this website's files alt text

        1. If an error occurs, please troubleshoot first and then verify. Multiple errors will be limited Let's Encrypt Rate Limits.

        2. If you encounter verification failure, please troubleshoot according to the prompts

          • Maybe the domain name resolution has not taken effect and no resolution has been added.
          • Let's Encrypt cannot access your website. You can check redirection and proxy issues. Try to access and see if the display is normal. Apply again after it is normal.

        3. If file verification is not available, use DNS verification

        4. If restrictions appear, use third-party website SSL

      • DNS verification (Wildcard support): Let's Encrypt server verifies domain name ownership by parsing DNS records. If DNS records are added manually, they will not be automatically renewed. alt text

        1. If the domain name is in CloudFlare, you can use the DNS API, otherwise you can only manually add the TXT record according to the prompts.

        2. Adding a txt record takes a certain amount of time to take effect. During this period, do not close the txt recording window prompted by aapanel

        3. Manually adding a txt record will not automatically renew the Let's Encrypt SSL certificate.

        Click to view How to apply for a pan-domain name certificate

    4. Certificate holder: The SSL certificate that has been set will be saved here alt text

  • PHP version: Set the PHP version of the current site, according to the version required by the current site, if you need to add the PHP version, you can add in the App Storealt text
  • Response log
    1. Access log: Access log of current site alt text
    2. Error log: Error log for current site alt text
    3. Log Security Analysis: Scan the log files of the current site for requests containing attack types (types include: xss, sql, san, php) alt text

Add WordPress - Create site

FunctionDescribe
DomainEnter your website domain name
Website Title
Website title for wordpress
LanguageChoose the language in which the site appears
PHP versionSelect the PHP version to be used, if there is no suitable version, please install it in the App Store
WP versionSelect the version you need to install. Note: Versions 5.6.0+ automatically turn on automatic version updates
User nameEnter your administrator username to log in to the word press management background
PasswordEnter your administrator password to log in to the word press management background
EmailEnter your email address
PrefixMysql database table prefix, the default domain is used to create the database, such as: wptest2.com, the database name is: sql_wptest2_com
CacheTurn on Cache to cache site files to improve access speed. Currently only nginx is supported.

alt text

Add WordPress - Create from backup

Supports recovery from WP Toolkit-created sites backed up by aaPanel, Plesk or CPanel

FunctionDescribe
Backup TypeSelect the recovery method: support aaPanel, Plesk or CPanel backed up sites created by WP Toolkit
Backup File PathUpload the backup file or select the file on this server to restore
DomainEnter your website domain name
Website PathEnter the site file storage directory. If it is empty, use the domain name directory.
PHP versionChoose the PHP version your site uses

alt text

Migrate Site

Migrate WordPress from PHP Project to WP Toolkit, only for sites created with WordPress when adding site

alt text

WP Sets

Use WP Sets to quickly specify plugins and themes to install on site

Create Set: Click to create a set

  1. Name: Set name

  2. Plugins: Display the number of added Plugins

    • Add Plugins: Click Add Plugins, enter the information to search for the Plugin to be added, select the Plugin to be added, and click Add. Adding is complete alt text

  3. Themes: Display the number of added themes

    • Add Themes: Click Add Themes, enter the information to search for the Theme to be added, select the Theme to be added, and click Add. Adding is complete alt text

  4. Operate:

    • Install: Click Install under the specified Set, select the site to be installed, click Install, and wait for the installation to complete. alt text
    • Delete: Delete unnecessary Sets

Vulnerability Scan

WP Toolkit automatically detects whether there are security vulnerabilities in the WordPress program, plugins, and themes of the current site.

  • Vulnerability List: Check whether there are security vulnerabilities in the current site. Can Rescan and Ignore the vulnerabilities. alt text
  • Ignore List: Vulnerabilities that need to be ignored can be added alt text
  • Auto scan: Turn on/off automatic scanning, enabled by default alt text

WP Setting

WordPress Setting allows you to clone the current site, manage plugins and themes, use Tamper-proof for Enterprise Protection, Integrity check or reinstall the current site.

  • version (6.6.2): Displays the WordPress version number of the current site

  • Clone

    1. Create subdomain: Create a subdomain site using the current site's plugins, themes, databases, and files
    2. Create new domain: Create a new domain name site using the current site’s plugins, themes, databases, and files alt text

  • Plugin: Manage the Plugin of the current site, you can Install, Active, Uninstall, and auto update Plugin. alt text

  • Theme: Manage the Theme of the current site, you can Install, Active, Uninstall, and auto update Theme. Note that only one Theme can be activated. alt text

  • Protection

    1. File Protection:Use Tamper-proof for Enterprise to protect current site

    2. Nginx WAF: Use Nginx WAF to protect the current site. Currently only Nginx is supported. Apache can install Apache WAF in the App Store.

    3. Hotlink Protection: Protect images, files and other resources of the current site to prevent external link attacks alt text

  • Integrity check

    1. Verify Checksums: Check whether the current site has been tampered with. If tampering is detected, you can click Reinstall WP to restore WordPress core files to the site.

    2. Reinstall WP: Reinstall WordPress to restore WordPress core files alt text

Login

  • Password-free login: Log in to the current site management backend without a password
  • Login: Open the current site management background login interface, and you need to enter your account and password information. alt text
  • Quickly find websites through Domain

Batch operation

Can be used when selecting one or more websites

FunctionDescribe
Enable websiteEnable sites in batches
Disable websiteStop sites in batches
Backup websiteBackup sites in batches
Delete websiteDelete sites in batches

alt text

Usage example 1

  • Add a new WordPress site using the 175_1.kern123.top domain name
    1. Go to the domain name provider and point the A record of 175_1.kern123.top to the server IP address such as 192.168.66.175. alt text
    2. After entering the domain name, user, password and other information, click Confirm. alt text

    If the deployment fails, please go to the Logs interface to view the Panel Logs -- Run logs reason for the deployment failure.

    1. Wait for aaPanel to finish adding the WordPress site alt text
    2. Click SSL of the current site to configure the SSL certificate. If no SSL certificate is configured, it can only be accessed using http
    3. Click Login to enter the site backend and make some other settings. alt text

Usage example 2

  • Migrate site from Plesk to aaPanel

    1. Go to the domain name provider and point the A record of 175_16.kern123.top to the server IP address such as 192.168.66.175. alt text
    2. Log in to Plesk to back up your WordPress site and download it to your local computer. alt text
    3. In aaPanel, click Add WordPress, select Create from backup, select Plesk or CPanel, choose to upload the file or select the specified file.
    4. After entering the domain name and other information, click Confirm to add the site.
      • Can use the same domain name as the backup website
      • You can also use a different new domain name for the backup website alt text
    5. Wait for aaPanel to complete restoring the WordPress site alt text
    6. Click SSL of the current site to configure the SSL certificate. If no SSL certificate is configured, it can only be accessed using http
    7. Click Login to enter the site backend and make some other settings. alt text

Feedback or Suggestions

If you encounter problems or suggestions during use, please contact us through the following methods:

  • (Please describe in detail or provide screenshots)
  1. Forum: https://www.aapanel.com/forum
  2. Email: [email protected]