---
title: WP-CLI & Ops
category: product
entity_type: skill
price: $15
canonical: https://forgehouse.ai/skills/wp-wpcli-and-ops/
lang: en
hreflang_alt: https://forgehouse.ai/tr/skiller/wp-wpcli-and-ops/
last_updated: 2026-06-20
---

# WP-CLI & Ops

> WordPress WP-CLI operations

A safety-first operations playbook for WP-CLI that makes WordPress migrations, DB operations and bulk changes repeatable and auditable. Built around a three-gate safety model: confirm environment and target, back up first, dry-run then execute: it specializes in serialization-safe search-replace, multisite targeting and CI/CD automation so you never break production with a wrong path, broken serialized data, or the wrong site.

## Use cases
- Domain/URL migration between staging and production
- DB snapshot, import, export, reset and inspection
- Plugin/theme install, update and network-wide activation
- Cron event inspection and manual debug triggers
- Multisite site-specific or network-wide operations
- Post-deploy cache flush and rewrite refresh in CI/CD

## Benefits
- Serialization-safe search-replace prevents the white-screen corruption a naive sed/SQL replace causes
- Three-gate safety model (env check, backup, dry-run) stops destructive ops in the wrong environment
- Explicit --url targeting prevents one command from breaking all sites in a multisite network
- Trap-based rollback restores the DB automatically if any step in a risky chain fails

## What’s included
- Safe URL migration script (backup, dry-run, precise serialization-safe replace, cache/rewrite flush)
- Environment guard pattern that refuses destructive ops on production-looking URLs
- Multisite network operation patterns with per-site iteration
- Transaction-like rollback via trap ERR and wp db import
- Platform-difference table (local/macOS, Linux/CI, containerized)
- wp-cli.yml environment config for @production/@staging targeting

## Who it’s for
DevOps and WordPress operators running migrations, bulk operations or CI/CD automation who cannot afford a wrong-environment mistake.

## How it runs
One careless search-replace can corrupt every serialized option in the database. Three gates stand in front of that: environment confirmed, backup exported and verified, dry run read before anything real executes.
1. Confirm the environment before anything else: wp option get siteurl must return the expected target, an environment guard refuses commands when the URL looks like production, and every multisite command carries an explicit url parameter so one site is hit, not fifty.
2. Back up first, without exception: a timestamped wp db export before every destructive operation, with the file size verified above zero before proceeding.
3. Dry-run the change: search-replace runs with dry-run and changed-only reporting, the affected row count is read and sanity-checked, and only then does the real run execute with precise mode and the guid column skipped.
4. Never touch serialized data with raw SQL or sed; wp search-replace is serialization-aware and updates PHP byte-length wrappers correctly, while regex mode loses that protection and is treated as dangerous.
5. Chain risky operations fail-secure: strict shell mode plus an error trap that re-imports the backup, so a failed plugin or core update rolls the site back automatically instead of leaving it half-broken.
6. Close with the verification checklist: cache flush and rewrite flush, a smoke test of the homepage, admin panel and one sample post, and proof that the rollback file actually imports.

## FAQ
### We deploy through CI/CD, does this fit automated pipelines or only manual terminal work?
Both. It ships wp-cli.yml environment configs for @production/@staging targeting, post-deploy cache flush and rewrite refresh steps for CI/CD, and a platform-difference table covering local macOS, Linux/CI and containerized setups. The same three-gate safety model applies whether a human or a pipeline runs the command.

### How is its search-replace safer than running sed or raw SQL on the database?
WordPress stores serialized PHP arrays whose string lengths are encoded in the data; a naive sed or SQL replace changes the string but not the length, corrupting the array and white-screening the site. The playbook uses WP-CLI's serialization-aware replace wrapped in backup and dry-run gates, plus trap-based rollback that restores the DB if a step fails.

### Will it stop me from ever breaking production?
No tool can promise that, and this one does not. What it does is make the destructive moment hard to reach by accident: an environment guard refuses dangerous ops on production-looking URLs, backups are mandatory before changes, and dry-run precedes execute. A deliberate override is still your responsibility.

## Price
$15, one-time, no subscription. VAT included.

Related guide: [How to run a marketing agency with AI automation](https://forgehouse.ai/guides/ai-marketing-agency-automation/)