Meshabay Security Hub

How to Set Up a Secure WordPress Staging Environment with Docker

A WordPress staging environment is essential for testing updates, themes, and plugins without affecting your live site. Many developers struggle with creating a safe, isolated setup for WordPress due to configuration complexities and potential security risks. Docker simplifies this process by providing a containerized, reproducible environment. In this guide, we’ll walk you step-by-step to set up a secure WordPress staging environment with Docker, MySQL, and phpMyAdmin.

Step 1: Install Docker and Docker Compose

Before setting up your staging environment, ensure Docker and Docker Compose are installed.

For Windows and Mac:
Download Docker Desktop from https://www.docker.com/products/docker-desktop.

For Linux (Ubuntu example):

sudo apt update
sudo apt install docker.io docker-compose -y
sudo systemctl start docker
sudo systemctl enable docker
docker --version
docker-compose --version

Verify that Docker and Docker Compose are installed correctly with the commands above.

Step 2: Create a Project Directory

Create a dedicated folder for your WordPress staging environment. This keeps your configuration organized and portable.

mkdir wordpress-staging
cd wordpress-staging

Recommended folder structure:

wordpress-staging/
├── docker-compose.yml
├── wp-content/
└── backups/

Step 3: Create a Docker Compose File

Create a docker-compose.yml file to define your WordPress, MySQL, and phpMyAdmin containers:

version: '3.8'

services:
  db:
    image: mysql:8.0
    container_name: wp_staging_db
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: rootpassword
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: wppassword
    volumes:
      - db_data:/var/lib/mysql

  wordpress:
    image: wordpress:6.3-php8.2-apache
    container_name: wp_staging_app
    depends_on:
      - db
    ports:
      - "8080:80"
    restart: always
    environment:
      WORDPRESS_DB_HOST: db:3306
      WORDPRESS_DB_USER: wpuser
      WORDPRESS_DB_PASSWORD: wppassword
      WORDPRESS_DB_NAME: wordpress
    volumes:
      - ./wp-content:/var/www/html/wp-content

  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    container_name: wp_staging_phpmyadmin
    depends_on:
      - db
    environment:
      PMA_HOST: db
      MYSQL_ROOT_PASSWORD: rootpassword
    ports:
      - "8081:80"
    restart: always

volumes:
  db_data:

Notes:

  • WordPress is accessible at http://localhost:8080.
  • phpMyAdmin is accessible at http://localhost:8081.
  • All data is persisted in Docker volumes and the local wp-content folder.

Step 4: Launch the WordPress Staging Environment

Start the containers using Docker Compose:

docker-compose up -d

Check container status:

docker ps

Visit http://localhost:8080 to complete WordPress installation.

Step 5: Configure WordPress for Staging

Edit wp-config.php to enable debugging and environment-specific settings:

define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', false);
define('ENVIRONMENT', 'staging');

Optional plugins for staging:

  • WP Staging
  • Duplicator
  • Query Monitor (for debugging)

Step 6: Implement Security Best Practices

A secure WordPress staging environment requires careful access control:

  1. Restrict access using Basic Auth:
docker exec -it wp_staging_app htpasswd -c /etc/apache2/.htpasswd staginguser
  1. Limit staging to local network or VPN access.
  2. Separate staging database and content from production.
  3. Enable SSL via reverse proxy (optional).

Step 7: Backup and Restore Workflow

Backups are critical in staging:

# Backup MySQL database
docker exec wp_staging_db sh -c 'exec mysqldump --all-databases -uroot -p"$MYSQL_ROOT_PASSWORD"' > backups/db_backup.sql

# Restore MySQL database
docker exec -i wp_staging_db sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD"' < backups/db_backup.sql

Step 8: Sync Changes to Production (Optional)

  • Never overwrite production directly.
  • Export theme/plugin settings or content via WordPress export tools.
  • Use staging to validate changes before deploying.

Step 9: Maintain the Staging Environment

  • Regularly update WordPress, plugins, Docker images.
  • Purge old containers and volumes periodically.
  • Monitor for staging-specific vulnerabilities.

Conclusion

Creating a WordPress staging environment with Docker provides a safe, isolated, and reproducible setup to test updates and new features without risking your live site. By following this step-by-step guide, developers can simplify workflows, enhance security, and streamline deployment processes.

Quick Reference Commands

ActionCommand
Start containersdocker-compose up -d
Stop containersdocker-compose down
View logsdocker-compose logs -f
Backup DBdocker exec wp_staging_db sh -c 'exec mysqldump ...' > backups/db_backup.sql
Restore DBdocker exec -i wp_staging_db sh -c 'exec mysql ...' < backups/db_backup.sql

Also read: How to Configure pfSense for Small Business: VLANs, DHCP, Firewall Rules, IDS, and OpenVPN (Step-by-Step Guide 2025)

admin

, ,

Leave a Reply

Your email address will not be published. Required fields are marked *