Updating a 10 year old WordPress

When I started blogging in 2007, WordPress was, if I remember correctly, the only usable piece of software available. These days there are lots of options, and I seriously looked at WriteFreely, Hugo and Toto, the latter I really liked for using git as its content repository. Each of those has their downsides. WriteFreely is difficult to set up as a docker container, Hugo seemed to have nothing over WordPress and Toto seems to have been unmaintained for a decade. Please add your disagreement below. I don’t hate WordPress, but don’t like it either. It just more or less does what I need it to do.

The WordPress version I had, didn’t like PHP 7, so I downloaded the oldest version of WordPress that did. That worked, but it wanted to update my database. My database lacked a table, crashing the upgrade script, so I had to add it by hand:

CREATE TABLE `wp_termmeta` (
`meta_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`term_id` bigint(20) unsigned NOT NULL DEFAULT '0',
`meta_key` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
`meta_value` longtext COLLATE utf8mb4_unicode_ci,
PRIMARY KEY (`meta_id`),
KEY `term_id` (`term_id`),
KEY `meta_key` (`meta_key`(191))
) ENGINE=InnoDB AUTO_INCREMENT=3255 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

When this seemed to allow WordPress to run locally on my PC, I dumped the database:

# mariadb-dump -u me -p --databases blog > ~/Desktop/20240126-blog.sql

copied it to my server and pulled the latest WordPress container there. When opening the site however, Firefox showed a lot of blocked mixed content. Mixed content is content that the server tries to send to the browser over plain http, while the site is in fact claiming to be fully encrypted. In proper WordPress fashion, the internet seemed to suggest plugins to solve this, but that didn’t work. So I went through the database dump for any mention of http://thefoggiest:

# grep "http://thefoggiest" ~/Desktop/20240126-blog.sql

It came up empty. Some more DuckDuckGo’ing led me to a piece of documentation that explained what to add to wp-config.php when using an internally unencrypted WordPress, such as a docker container, behind an nginx instance that provides ssl. The code snippet mentioned was already in the file mentioned, but there was also this mention of a properly configured HTTP_X_FORWARDED_PROTO header. My nginx configuration did indeed configure this header, but not properly for this case:

proxy_set_header      X-Forwarded-Proto $scheme;

The line above will happily propagate whatever scheme, encrypted or otherwise, is used. So I changed it:

proxy_set_header      X-Forwarded-Proto https;

And with that all the red alerts were gone.

I had mounted the wp-contents-directory as a volume, so I could just copy all the old images into uploads/. I did have to change the path, but could conveniently do that using a setting inside the web interface. The plugin directory also had to be adjusted, but that couldn’t be done simply in the dashboard. This told me to put the following line in wp-config.php :

define( 'WP_PLUGIN_DIR', dirname(__FILE__) . '/full/path/to/wp-content/plugins' );

That allowed me to update and delete my plugins, but I wasn’t there yet. My plugin for showing source code snippets with syntax highlighting didn’t work anymore and I couldn’t find it back, so I found a solution that works not with a plugin but by simply adding these lines to functions.php:

function wpp_highlight() {
  wp_enqueue_style( 'highlightjs-css', '' );

  wp_enqueue_script( 'highlightjs', '', '', 'latest', true );

  wp_add_inline_script( 'highlightjs', 'hljs.highlightAll();' );
add_action('wp_enqueue_scripts', 'wpp_highlight');

It lacks the line numbers and convenient copy icon, but I am somewhat of a minimalist, so the fewer the plugins, the better.

The theme I had used was still available :-), and a few cosmetic tweaks here and there made it into a nice site, easy on the eyes and close to the original. Again, disagree below.

Categorised as: blog, howto, linux

Comments are closed.