claude-plugin-wordpress-manager 1.9.0 → 2.1.0

package/skills/wp-monitoring/references/reporting-templates.md

@@ -0,0 +1,207 @@
+# Reporting Templates
+
+## Daily Health Summary
+
+```markdown
+## Daily Health Report — [site-name]
+**Date:** [YYYY-MM-DD] | **Status:** [✅ Healthy / ⚠️ Degraded / ❌ Down]
+
+### Uptime
+- HTTP status: [200 OK / error code]
+- Response time: [X.Xs] (threshold: < 3s)
+- SSL expires in: [X days]
+- WP-Cron last run: [timestamp]
+
+### Quick Metrics
+| Metric | Value | Status |
+|--------|-------|--------|
+| Active plugins | X | [✅ / ⚠️ outdated] |
+| Pending updates | X | [✅ / ⚠️] |
+| Spam comments (24h) | X | [✅ / ⚠️] |
+| Pending moderation | X | [✅ / ⚠️] |
+
+### Alerts (last 24h)
+- [Alert summary or "No alerts"]
+
+### Action Required
+- [ ] [Any urgent items]
+```
+
+## Weekly Performance Report
+
+```markdown
+## Weekly Performance Report — [site-name]
+**Period:** [start-date] to [end-date]
+
+### Core Web Vitals
+| Metric | Mon | Tue | Wed | Thu | Fri | Sat | Sun | Avg | Target | Status |
+|--------|-----|-----|-----|-----|-----|-----|-----|-----|--------|--------|
+| LCP (s) | — | — | — | — | — | — | — | — | ≤ 2.5 | ✅/⚠️/❌ |
+| INP (ms) | — | — | — | — | — | — | — | — | ≤ 200 | ✅/⚠️/❌ |
+| CLS | — | — | — | — | — | — | — | — | ≤ 0.1 | ✅/⚠️/❌ |
+| TTFB (ms) | — | — | — | — | — | — | — | — | ≤ 800 | ✅/⚠️/❌ |
+
+### Uptime Summary
+- Availability: [XX.X%]
+- Total downtime: [Xm Xs]
+- Incidents: [count]
+- Average response time: [Xms]
+
+### Plugin Health
+| Status | Count |
+|--------|-------|
+| Up to date | X |
+| Update available | X |
+| Security update | X |
+
+### Content Activity
+- Posts published: X
+- Posts modified: X
+- Comments received: X
+- Spam blocked: X
+
+### Trend vs Last Week
+| Metric | Last Week | This Week | Delta |
+|--------|-----------|-----------|-------|
+| Avg LCP | X.Xs | X.Xs | [+/-X%] |
+| Avg TTFB | Xms | Xms | [+/-X%] |
+| Lighthouse score | XX | XX | [+/-X] |
+| Plugin count | X | X | [+/-X] |
+
+### Recommendations
+1. [Priority action based on trends]
+2. [Secondary action]
+```
+
+## Monthly Security Report
+
+```markdown
+## Monthly Security Report — [site-name]
+**Period:** [month YYYY]
+
+### Security Posture Summary
+| Area | Status | Details |
+|------|--------|---------|
+| WordPress Core | [✅ current / ⚠️ update available] | v[X.X.X] |
+| PHP Version | [✅ current / ⚠️ outdated] | v[X.X] |
+| Plugins | [✅ / ⚠️ X outdated] | X active, X inactive |
+| SSL Certificate | [✅ valid / ⚠️ expiring] | Expires [date] |
+| File Integrity | [✅ clean / ❌ modified] | [details] |
+| User Accounts | [✅ / ⚠️ review needed] | X admins, X total |
+
+### Vulnerability Summary
+| Severity | Count | Resolved | Outstanding |
+|----------|-------|----------|-------------|
+| Critical | X | X | X |
+| High | X | X | X |
+| Medium | X | X | X |
+| Low | X | X | X |
+
+### Security Events
+| Date | Event | Severity | Status |
+|------|-------|----------|--------|
+| [date] | [event] | [P0-P3] | [resolved/open] |
+
+### Plugin Security Audit
+| Plugin | Version | Latest | CVEs | Status |
+|--------|---------|--------|------|--------|
+| [name] | [ver] | [latest] | [count] | [✅/⚠️/❌] |
+
+### User Account Audit
+| Username | Role | Last Login | Status |
+|----------|------|-----------|--------|
+| [user] | [role] | [date] | [✅ active / ⚠️ dormant] |
+
+### File Integrity Check
+- Core files verified: [✅ / ❌ X modified]
+- Uploads directory: [✅ clean / ❌ suspicious files]
+- Modified files: [list if any]
+
+### Recommendations (Priority Order)
+1. [Most urgent security action]
+2. [Second priority]
+3. [Third priority]
+```
+
+## Quarterly Trend Analysis
+
+```markdown
+## Quarterly Trend Analysis — [site-name]
+**Period:** Q[X] [YYYY] ([start-month] to [end-month])
+
+### Performance Trend
+| Metric | Month 1 | Month 2 | Month 3 | Trend |
+|--------|---------|---------|---------|-------|
+| Avg LCP | X.Xs | X.Xs | X.Xs | [📈/📉/➡️] |
+| Avg TTFB | Xms | Xms | Xms | [📈/📉/➡️] |
+| Lighthouse Score | XX | XX | XX | [📈/📉/➡️] |
+| Uptime % | XX.X% | XX.X% | XX.X% | [📈/📉/➡️] |
+
+### Security Trend
+| Metric | Month 1 | Month 2 | Month 3 | Trend |
+|--------|---------|---------|---------|-------|
+| Vulnerabilities found | X | X | X | [📈/📉/➡️] |
+| Mean time to patch | Xd | Xd | Xd | [📈/📉/➡️] |
+| Security incidents | X | X | X | [📈/📉/➡️] |
+
+### Content Growth
+| Metric | Month 1 | Month 2 | Month 3 | Total |
+|--------|---------|---------|---------|-------|
+| Posts published | X | X | X | X |
+| Pages added | X | X | X | X |
+| Media uploaded | X | X | X | X |
+| Comments | X | X | X | X |
+
+### Infrastructure Changes
+- [Plugin additions/removals]
+- [Theme changes]
+- [Hosting changes]
+- [PHP/WordPress version upgrades]
+
+### Key Insights
+1. [Performance observation with data]
+2. [Security observation with trend]
+3. [Content observation]
+
+### Recommendations for Next Quarter
+1. [Strategic recommendation]
+2. [Tactical recommendation]
+3. [Maintenance recommendation]
+```
+
+## Executive Dashboard Format
+
+For non-technical stakeholders:
+
+```markdown
+## WordPress Site Health — [site-name]
+**Report Date:** [YYYY-MM-DD]
+
+### Overall Status: [🟢 Healthy / 🟡 Needs Attention / 🔴 Critical]
+
+### Key Numbers
+| | This Period | Previous | Change |
+|---|-----------|----------|--------|
+| 🔒 Security Score | X/10 | X/10 | [+/-X] |
+| ⚡ Speed Score | X/100 | X/100 | [+/-X] |
+| 📈 Uptime | XX.X% | XX.X% | [+/-X%] |
+| 📝 Content Published | X items | X items | [+/-X] |
+
+### Attention Required
+- [0-3 bullet points of urgent items in plain language]
+
+### Recent Improvements
+- [1-3 bullet points of completed improvements]
+
+### Next Steps
+- [1-3 bullet points of planned work]
+```
+
+## Report Delivery Schedule
+
+| Report | Frequency | Audience | Channel |
+|--------|-----------|----------|---------|
+| Daily Health | Every morning | DevOps / Site admin | Email / Slack |
+| Weekly Performance | Monday morning | Development team | Email |
+| Monthly Security | 1st of month | Security team + Management | Email + document |
+| Quarterly Trend | End of quarter | Executive / Stakeholders | PDF / presentation |

package/skills/wp-monitoring/references/security-scanning.md

@@ -0,0 +1,168 @@
+# Security Scanning
+
+## Plugin Vulnerability Checks
+
+### WP-CLI Plugin Audit
+
+```bash
+# List all plugins with versions
+wp plugin list --fields=name,version,status,update_version --format=table
+
+# Check for available updates (potential security fixes)
+wp plugin list --update=available --format=table
+```
+
+### CVE Database Lookup
+
+For each active plugin, check against known vulnerabilities:
+
+```bash
+# Using WPScan API (requires API token)
+curl -s "https://wpscan.com/api/v3/plugins/PLUGIN_SLUG" \
+  -H "Authorization: Token token=YOUR_API_TOKEN" | jq '.vulnerabilities'
+
+# Using Wordfence vulnerability feed
+curl -s "https://www.wordfence.com/api/intelligence/v2/vulnerabilities/production" | \
+  jq --arg plugin "PLUGIN_SLUG" '.[] | select(.software[].slug == $plugin)'
+```
+
+### Automated Plugin Security Check Script
+
+```bash
+#!/bin/bash
+# plugin-security-check.sh — Check plugins against known CVEs
+
+SITE_URL="$1"
+ALERT_EMAIL="admin@example.com"
+
+# Get list of active plugins via WP-CLI
+PLUGINS=$(wp plugin list --status=active --fields=name,version --format=json --url="$SITE_URL")
+
+OUTDATED=$(echo "$PLUGINS" | jq -r '.[] | select(.update_version != null) | "\(.name) \(.version) -> \(.update_version)"')
+
+if [ -n "$OUTDATED" ]; then
+  echo "Outdated plugins on $SITE_URL:" > /tmp/security-alert.txt
+  echo "$OUTDATED" >> /tmp/security-alert.txt
+  mail -s "Security: Outdated Plugins on $SITE_URL" "$ALERT_EMAIL" < /tmp/security-alert.txt
+fi
+```
+
+## File Integrity Monitoring
+
+### WordPress Core Verification
+
+```bash
+# Verify core files against checksums
+wp core verify-checksums
+
+# Check for modified core files
+wp core verify-checksums 2>&1 | grep -v "Success"
+```
+
+### Custom File Hash Baseline
+
+```bash
+#!/bin/bash
+# file-integrity-baseline.sh — Create/compare file hash baseline
+
+WP_ROOT="$1"
+BASELINE_FILE="$WP_ROOT/.file-integrity-baseline.sha256"
+
+if [ "$2" == "--create" ]; then
+  # Create baseline
+  find "$WP_ROOT" -type f \
+    \( -name "*.php" -o -name "*.js" -o -name ".htaccess" \) \
+    -not -path "*/wp-content/uploads/*" \
+    -not -path "*/wp-content/cache/*" \
+    -exec sha256sum {} \; | sort > "$BASELINE_FILE"
+  echo "Baseline created: $(wc -l < "$BASELINE_FILE") files"
+else
+  # Compare against baseline
+  CURRENT=$(mktemp)
+  find "$WP_ROOT" -type f \
+    \( -name "*.php" -o -name "*.js" -o -name ".htaccess" \) \
+    -not -path "*/wp-content/uploads/*" \
+    -not -path "*/wp-content/cache/*" \
+    -exec sha256sum {} \; | sort > "$CURRENT"
+
+  DIFF=$(diff "$BASELINE_FILE" "$CURRENT")
+  if [ -n "$DIFF" ]; then
+    echo "FILE INTEGRITY ALERT:"
+    echo "$DIFF"
+  else
+    echo "All files match baseline"
+  fi
+  rm "$CURRENT"
+fi
+```
+
+## User Account Anomaly Detection
+
+Monitor for suspicious user activity via WP REST Bridge:
+
+1. **New admin accounts** — `list_users` with `roles: "administrator"`, compare count with baseline
+2. **Unknown accounts** — Compare user list with known/approved users
+3. **Role escalation** — Track user roles over time, alert on changes
+
+### Check Script
+
+```bash
+# Count administrators
+wp user list --role=administrator --format=count
+
+# List all admins with last login (if tracked)
+wp user list --role=administrator --fields=ID,user_login,user_email,user_registered --format=table
+```
+
+## Malware Scanning
+
+### WP-CLI Based Scan
+
+```bash
+# Search for common malware patterns in PHP files
+grep -rn "eval(base64_decode\|eval(gzinflate\|eval(str_rot13\|preg_replace.*e'" \
+  --include="*.php" /path/to/wordpress/
+
+# Check for suspicious files in uploads
+find /path/to/wordpress/wp-content/uploads -name "*.php" -type f
+
+# Check for hidden files
+find /path/to/wordpress -name ".*" -type f -not -name ".htaccess" -not -name ".maintenance"
+```
+
+### Core File Comparison
+
+```bash
+# Download fresh WordPress and compare
+wp core download --path=/tmp/fresh-wp --version=$(wp core version) --skip-content
+diff -rq /path/to/wordpress/wp-includes /tmp/fresh-wp/wp-includes | grep "differ"
+diff -rq /path/to/wordpress/wp-admin /tmp/fresh-wp/wp-admin | grep "differ"
+rm -rf /tmp/fresh-wp
+```
+
+## WordPress Core Version Tracking
+
+```bash
+# Current version
+wp core version
+
+# Check for updates
+wp core check-update --format=json
+```
+
+Alert thresholds:
+- **Info**: Minor update available (e.g., 6.4.1 → 6.4.2)
+- **Warning**: Major update available (e.g., 6.4 → 6.5)
+- **Critical**: Security release available (check release notes)
+
+## Scanning Schedule
+
+| Scan Type | Frequency | Method |
+|-----------|-----------|--------|
+| Plugin update check | Daily | WP-CLI / WP REST Bridge |
+| Core verify checksums | Weekly | WP-CLI |
+| File integrity check | Daily | Hash comparison script |
+| Admin user audit | Weekly | WP REST Bridge list_users |
+| Malware scan | Weekly | grep patterns + file check |
+| Core version check | Daily | WP-CLI |
+| Full vulnerability scan | Monthly | WPScan API or Wordfence |

package/skills/wp-monitoring/references/uptime-checks.md

@@ -0,0 +1,140 @@
+# Uptime Checks
+
+## HTTP Health Probe
+
+### Basic HTTP Check
+
+Verify the site responds with HTTP 200:
+
+```bash
+# Simple uptime check
+curl -s -o /dev/null -w "%{http_code} %{time_total}s" https://example.com
+
+# With timeout and follow redirects
+curl -sL -o /dev/null -w "%{http_code} %{time_total}s %{time_connect}s" \
+  --connect-timeout 10 --max-time 30 https://example.com
+```
+
+Expected: HTTP 200, response time < 3s.
+
+### WordPress REST API Health
+
+Check the REST API is responsive:
+
+```bash
+# REST API discovery
+curl -s https://example.com/wp-json/ | jq '.name, .url'
+
+# Specific endpoint check
+curl -s -o /dev/null -w "%{http_code}" https://example.com/wp-json/wp/v2/posts?per_page=1
+```
+
+### Custom Health Endpoint
+
+Create a lightweight health check mu-plugin:
+
+```php
+<?php
+/**
+ * Plugin Name: Health Check Endpoint
+ * Description: Lightweight health endpoint for monitoring.
+ */
+add_action('rest_api_init', function () {
+    register_rest_route('monitoring/v1', '/health', [
+        'methods'  => 'GET',
+        'callback' => function () {
+            global $wpdb;
+            $db_ok = (bool) $wpdb->get_var('SELECT 1');
+            return [
+                'status'    => $db_ok ? 'ok' : 'degraded',
+                'timestamp' => gmdate('c'),
+                'wp_version' => get_bloginfo('version'),
+                'php_version' => PHP_VERSION,
+                'db_ok'     => $db_ok,
+            ];
+        },
+        'permission_callback' => '__return_true',
+    ]);
+});
+```
+
+Endpoint: `GET /wp-json/monitoring/v1/health`
+
+## SSL Certificate Monitoring
+
+```bash
+# Check SSL expiry date
+echo | openssl s_client -servername example.com -connect example.com:443 2>/dev/null \
+  | openssl x509 -noout -enddate
+
+# Days until expiry
+EXPIRY=$(echo | openssl s_client -servername example.com -connect example.com:443 2>/dev/null \
+  | openssl x509 -noout -enddate | cut -d= -f2)
+DAYS=$(( ($(date -d "$EXPIRY" +%s) - $(date +%s)) / 86400 ))
+echo "SSL expires in $DAYS days"
+```
+
+Alert thresholds:
+- **Warning**: < 30 days until expiry
+- **Critical**: < 7 days until expiry
+
+## Cron-Based Scheduling
+
+### System Cron (Recommended for Production)
+
+```bash
+# Disable WP-Cron (add to wp-config.php)
+define('DISABLE_WP_CRON', true);
+
+# System cron every 5 minutes
+*/5 * * * * curl -s https://example.com/wp-cron.php > /dev/null 2>&1
+```
+
+### Monitoring Cron Script
+
+```bash
+#!/bin/bash
+# monitor-site.sh — Run from cron every 5 minutes
+
+SITE_URL="https://example.com"
+ALERT_EMAIL="admin@example.com"
+LOG_FILE="/var/log/wp-monitor.log"
+
+HTTP_CODE=$(curl -sL -o /dev/null -w "%{http_code}" --connect-timeout 10 --max-time 30 "$SITE_URL")
+RESPONSE_TIME=$(curl -sL -o /dev/null -w "%{time_total}" --connect-timeout 10 --max-time 30 "$SITE_URL")
+
+TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+
+echo "$TIMESTAMP status=$HTTP_CODE time=${RESPONSE_TIME}s" >> "$LOG_FILE"
+
+if [ "$HTTP_CODE" != "200" ]; then
+  echo "ALERT: $SITE_URL returned HTTP $HTTP_CODE at $TIMESTAMP" | \
+    mail -s "Site Down: $SITE_URL" "$ALERT_EMAIL"
+fi
+
+# Slow response alert (> 5 seconds)
+if (( $(echo "$RESPONSE_TIME > 5.0" | bc -l) )); then
+  echo "SLOW: $SITE_URL took ${RESPONSE_TIME}s at $TIMESTAMP" | \
+    mail -s "Slow Response: $SITE_URL" "$ALERT_EMAIL"
+fi
+```
+
+## WP REST Bridge Integration
+
+Use WP REST Bridge MCP tools for uptime checks:
+
+1. `discover_content_types` — verifies API connectivity
+2. `list_content` with `per_page: 1` — confirms database is responding
+3. `list_plugins` — confirms plugin system is functional
+
+If any MCP call fails or times out, the site may be down or degraded.
+
+## Response Time Thresholds
+
+| Metric | Good | Warning | Critical |
+|--------|------|---------|----------|
+| HTTP response | < 1s | 1–3s | > 3s |
+| TTFB | < 600ms | 600ms–1.5s | > 1.5s |
+| REST API | < 2s | 2–5s | > 5s |
+| SSL days remaining | > 30 | 7–30 | < 7 |
+| WP-Cron last run | < 15min | 15min–1h | > 1h |