Our WordPress Plugin Update API – Open Sourced

As a web design company based in Port Charlotte, Florida, Vontainment is committed to providing innovative solutions to our clients. That’s why we’re excited to announce the release of our new WordPress plugin update API as open source. This API consists of a WordPress MU-Plugin, PHP API, and web GUI that allows users to update their WordPress plugins from their own servers.

Dark Mode

v-wordpress-plugin-updater (this link opens in a new window) by vontainment (this link opens in a new window)

A WordPress mu-plugin and a self-hosted PHP API with web GUI to update WordPress plugins from your own server.

How We Use The WordPress API

With this new system, our clients sites no longer have to manually updated every time a new release comes out. Instead, they can rely on our API to automatically update their plugins from our server, ensuring that their website is always up-to-date with the latest features and security patches.

Overall, our new WordPress plugin update API is just one of the many ways that Vontainment is committed to providing our clients with the best possible web design experience. We believe that by utilizing the latest technology and innovative solutions, we can create stunning and functional websites that help our clients achieve their business goals.

What Is Our Open Source Release

Open-source software refers to computer programs whose source code is made freely available and can be modified and distributed by anyone. This means that anyone can view, edit, and redistribute the code as they see fit, without the need for permission or payment to the original creator.

We have released our API to the public on Github so others can take advantage of this software freely.

How Can Others Use Our API Software

So, what exactly is this update API? Essentially, the MU-Plugin sends information about installed plugins to the PHP API, which compares it to a list of domains and keys in the HOSTS file. If the domain exists and the key matches, the API checks the plugins against files in the /plugins directory for updates. If a new version is available, the API sends the file name to the MU-Plugin, which then sends a request to downloads.php with the domain, security key, and plugin file. The download.php file then grabs the plugin file from outside the webroot for added security and passes it to the MU-Plugin to be updated.

To make the process even easier, we’ve included a web admin to the API for a better user experience. This allows users to add, remove, or edit domains and security keys, as well as upload and delete plugin files. Additionally, users can customize the GUI by editing the CSS in the static folder and swapping out the logo image.

But who is this API for? There are several great use cases for this system. It’s especially useful for web developers and designers who want to push out updates to custom plugins without sharing them in the official repository. This system also allows users to edit existing plugins from the official repository and customize them before pushing out a separate release. And for anyone worried about supply chain attacks, this API allows users to intercept and test updates without having to manually update multiple sites.

Getting started with the API is relatively simple. For WordPress users, simply drop in the MU-Plugin from the MU-Plugin directory to your site, set a key for security in the file, and set the API.php URL in the file. For server users, upload the update-api directory contents to your webserver’s webroot, change the webroot to the /public/ directory, and set a username and password in index.php.

Once set up, users can log in to the Web GUI at their domain and add websites domains and security keys in the appropriate format. To prepare updates, users simply rename the plugin zip file to plugin-slug_1.1.1.zip (paying attention to formatting). Any previous versions of plugin updates should be deleted, and sites will update once daily.

Overall, the Vontainment WordPress plugin update API is an innovative and user-friendly solution for those looking to update their WordPress plugins from their own servers. We’re excited to release it as open source and see how it will benefit the WordPress community as a whole.

Call Now Button