# WordPress

## Overview

The WordPress integration allows you to enrich Sola Apps with issues found for your WordPress websites, scanning for common vulnerabilities and misconfigurations.

Add your WordPress website URLs to uncover hidden risks and continuously monitor the security posture of your public WordPress websites.

With the WordPress integration, you can:

* Get visibility into security risks across all public WordPress sites
* Uncover hidden exposures that traditional tools can miss
* Monitor the security posture of your assets over time
* Surface exposed admin panels and login endpoints
* Track headers and security best practice compliance

{% hint style="warning" %}
**Your data can only be retrieved, never modified.**

Once connected, your data is securely stored, and access is restricted to retrieving configurations and metadata only. Authentication methods ensure secure delegation of permissions while maintaining data integrity.
{% endhint %}

## Set up WordPress data source integration with Sola

{% columns %}
{% column width="66.66666666666666%" %}
Go to ***Integrations*** > [***Data Sources***](https://app.sola.security/integrations/data-sources) > click ***New data source*** > select ***WordPress***.

*The Sola wizard will take you through the steps.*
{% endcolumn %}

{% column width="33.33333333333334%" %} <a href="https://app.sola.security/integrations/data-sources?integration=wordpress" class="button primary">Set up WordPress -></a>
{% endcolumn %}
{% endcolumns %}

### Connect WordPress to Sola

Analyze your WordPress websites using one of two verification methods to confirm ownership and begin scanning for security issues.

{% tabs %}
{% tab title="Email domain matching" %}
**Automatic verification**

This method matches the domain of the WordPress site to the email domain associated with your Sola account.

* Quick and easy setup

{% hint style="warning" %}
Only websites matching your **verified email domain** can be scanned using this method.

For example, if you signed up with *<name@mysecurityorg.com>*, Sola will only be able to scan **\*.mysecurityorg.com** (your domain and any subdomains), such as *blog.mysecurityorg.com* or *wp.mysecurityorg.com*.
{% endhint %}
{% endtab %}

{% tab title="HTTP verification using a TXT file" %}
This method allows HTTP verification by uploading a TXT file to your website.

* Flexible and secure for multi-site environments

**How to set up HTTP verification:**

Upload the provided UUID in the Sola wizard as a ***sola-verification.txt*** file to your WordPress site under the following path:

```
/.well-known/sola-verification.txt
```

For example: `https://my-wordpress-site.com/.well-known/sola-verification.txt`
{% endtab %}
{% endtabs %}

## Explore the app gallery for WordPress apps

![](/files/bKdo3yzED39AfQ5Oyclq) Get started with [WordPress-focused security apps](https://sola.security/app-gallery/?search=wordpress), built by our expert security team.

<figure><img src="/files/CjvKJCfuB5EqMpYlT6Xi" alt="Explore the app gallery for WordPress apps"><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sola.security/integrations/data-sources/wordpress.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.