## Customer Background A leading web agency managing a high-traffic WordPress site on Pressidium faced a critical challenge: implementing automated deployments without compromising Pressidium's stringent security measures. They needed a solution that offered both automation and robust security. ## Challenge The customer faced specific limitations with Pressidium's hosting environment: - SFTP access was available ([Pressidium SFTP Documentation](https://pressidium.com/blog/2018/how-to-use-sftp-to-upload-files-to-wordpress/)) - SSH command execution was restricted for security reasons - Cache purging was necessary after deployments ## Solution We implemented a [Zero Downtime Deployment](https://www.deployhq.com/blog/zero-downtime-deployments-with-deployhq-a-step-by-step-guide) strategy using [DeployHQ](https://www.deployhq.com) with a custom cache purging mechanism through HTTP Post hooks. ### 1. DeployHQ Configuration ``` # DeployHQ Settings --- server: host: sftp.pressidium.com port: 22 protocol: sftp path: /public_html/wp-content/themes/custom-theme excluded_files: - .git - node_modules - .env ``` ### 2. Cache Purging API Implementation ``` // wp-content/mu-plugins/cache-purge-api.php 'POST', 'callback' => 'handle_cache_purge', 'permission_callback' => 'verify_basic_auth' )); }); function verify_basic_auth($request) { // Get the Authorization header $auth_header = $request->get_header('Authorization'); if (!$auth_header || strpos($auth_header, 'Basic ') !== 0) { return false; } // Extract credentials $credentials = base64_decode(substr($auth_header, 6)); list($username, $password) = explode(':', $credentials); // Compare with configured credentials return $username === defined('CACHE_API_USER') ? CACHE_API_USER : '' && $password === defined('CACHE_API_PASS') ? CACHE_API_PASS : ''; } function handle_cache_purge($request) { if (function_exists('pressidium_purge_cache')) { pressidium_purge_cache(); return new WP_REST_Response(['status' => 'success'], 200); } return new WP_REST_Response(['status' => 'error'], 500); } ``` ### 3. Configuration in `wp-config.php` ``` // wp-config.php define('CACHE_API_USER', 'your-username'); define('CACHE_API_PASS', 'your-secure-password'); ``` ### 4. DeployHQ Post-Deploy HTTP Hook In DeployHQ's project settings: 1. Navigate to Integrations → HTTP Post 2. Add new hook with: ``` URL: https://your-site.com/wp-json/cache-api/v1/purge Username: your-username Password: your-secure-password ``` ![HTTP Post](https://blog.deployhq.com/attachment/cbb89e1e-8a02-4a78-a0e3-25f84ecf2cad/img_imdg7gf2mpp4.png) ### 5. Testing the Endpoint You can test the endpoint using curl: ``` curl -X POST \ -u "your-username:your-secure-password" \ https://your-site.com/wp-json/cache-api/v1/purge ``` ## Results The implementation achieved: - Zero-downtime deployments via SFTP - Secure cache purging through WordPress REST API - Automated deployment workflow - No need for SSH command execution ## Benefits 1. Maintained security compliance with Pressidium 2. Automated deployment process 3. Minimal deployment downtime 4. Secure cache purging mechanism ## Technical Details ### Security Considerations - REST API endpoint protected by basic authentication - HTTPS encryption for all API calls - Secure key storage in `wp-config.php` ### Implementation Steps 1. Configure [DeployHQ](https://www.deployhq.com) SFTP deployment 2. Install cache purging API code 3. Configure `wp-config.php` with basic auth 4. Set up [DeployHQ](https://www.deployhq.com) post-deploy hook ## Conclusion This solution successfully worked around Pressidium's SSH restrictions while maintaining a robust deployment process with automated cache purging. ### Related Documentation - [Pressidium SFTP Access](https://pressidium.com/blog/2018/how-to-use-sftp-to-upload-files-to-wordpress/) - [DeployHQ HTTP Post Hooks](https://www.deployhq.com/support/integrations/http-post) - [WordPress REST API](https://developer.wordpress.org/rest-api/) This case study demonstrates how to implement automated deployments within hosting restrictions while maintaining security and performance.