A WordPress MCP server exposes your site's REST API as structured tools that Claude can call directly — meaning you can publish posts, update metadata, query analytics, and manage plugins through natural language in Claude Desktop or any MCP-compatible client, without writing a single API wrapper yourself.
What Is a WordPress MCP Server?
A WordPress MCP server is a small Node.js or Python process that implements Anthropic's Model Context Protocol and translates Claude's tool calls into WordPress REST API requests. Claude doesn't speak REST natively — MCP gives it a defined interface to call discrete functions like create_post, get_posts, update_metadata, or list_plugins. The server handles authentication, request formatting, and error translation back to Claude.
If you're not yet clear on MCP as a concept — what it is, how tool registration works, and why it matters for connecting AI to business systems — read our MCP explainer for product builders first. This post assumes you understand the protocol and focuses entirely on WordPress-specific implementation.
Available WordPress MCP Servers (Mid-2026)
Three packages are worth evaluating. None are "official" Anthropic or WordPress Foundation projects, so vet them before production use.
| Package | Language | Maintained | Write Support | Multi-site | Stars (GitHub) |
|---|---|---|---|---|---|
wordpress-mcp (wpmcp/wordpress-mcp) | Node.js | Yes | Full CRUD | Partial | ~1.2k |
wp-mcp-server (automattic community fork) | Node.js | Yes | Read + limited write | No | ~640 |
mcp-wp (self-hostable, Go binary) | Go | Active | Full CRUD + plugin mgmt | Yes | ~310 |
wordpress-mcp is the most feature-complete for general content workflows. It exposes 18 tools covering posts, pages, media, taxonomies, users, and comments.
wp-mcp-server is safer for read-heavy use cases — suitable for pulling content data into Claude for analysis without write risk.
mcp-wp (Go binary) is the one to reach for if you're managing 10+ sites from a single server, since it supports multiple site configurations in one config file and has lower memory overhead.
How to Set Up WordPress MCP Server: Step by Step
Step 1: Create a WordPress Application Password
WordPress Application Passwords (introduced in WP 5.6) are the correct authentication mechanism here. Do not use your main admin password.
- Log in as an admin.
- Go to Users → Profile → Application Passwords.
- Create a dedicated editor-level user first (see the security section below), then generate the application password on that account — not your admin account.
- Copy the password immediately; it won't be shown again.
The credential format Claude's MCP server will use:
WP_URL=https://yoursite.com
WP_USERNAME=mcp-editor
WP_APP_PASSWORD=xxxx xxxx xxxx xxxx xxxx xxxx
Note the spaces — WordPress Application Passwords are displayed with spaces but the REST API accepts them with or without spaces. Strip them in your .env file to avoid parsing issues.
Step 2: Install the MCP Server Locally
Using wordpress-mcp:
npm install -g wordpress-mcp
Or run it with npx without global install (preferable for per-project isolation):
npx wordpress-mcp
For mcp-wp (Go binary):
brew install mcp-wp # macOS
# or download the binary from GitHub releases for Linux/Windows
Step 3: Configure Claude Desktop
Open ~/Library/Application Support/Claude/claude_desktop_config.json on macOS (or the equivalent path on Windows/Linux) and add your server configuration:
{
"mcpServers": {
"my-wordpress-site": {
"command": "npx",
"args": ["wordpress-mcp"],
"env": {
"WP_URL": "https://yoursite.com",
"WP_USERNAME": "mcp-editor",
"WP_APP_PASSWORD": "xxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Restart Claude Desktop. You should see the WordPress tools listed when you click the tools icon in a new conversation.
Step 4: Test with Read Operations First
Before granting write access in real workflows, confirm the connection works with safe read operations:
"List the 5 most recent posts on my WordPress site and show me their titles, status, and publish dates."
If Claude returns structured data, your MCP server is connected and authenticated. If it returns an error, the most common causes are:
- REST API disabled or blocked — some security plugins (Wordfence, iThemes) block unauthenticated REST requests. You may need to whitelist Application Password-authenticated requests specifically.
- URL mismatch — trailing slashes matter. Match exactly what
wp-jsonresponds to. - Application Password not activated — some older hosting configurations have this disabled. On TopSyde, the REST API and Application Passwords are enabled and accessible by default.
Scoping Write Access Safely
This is the most important section of this guide. The security failure mode with WordPress MCP is not Claude going rogue — it's overpermissioned credentials.
Use a Dedicated Editor-Role User
Never connect your MCP server with admin credentials. Create a user with the editor role. Editors can:
- Create, edit, publish, and delete posts and pages
- Manage categories and tags
- Upload media
Editors cannot:
- Install or activate plugins
- Change theme settings
- Modify user accounts
- Access sensitive options
For most content workflows, editor is exactly the right scope.
If You Need Plugin or Theme Management
mcp-wp (the Go binary) supports plugin listing and activation — but this requires admin credentials. If you enable this, scope it to a staging environment only, never production, and audit every session log.
REST API Endpoint Allowlisting
You can further restrict what the Application Password user can hit by adding a REST API filter to your functions.php or a site-specific plugin:
add_filter('rest_authentication_errors', function($result) {
if (!is_user_logged_in()) {
return $result;
}
$user = wp_get_current_user();
if (in_array('editor', (array) $user->roles)) {
// Restrict editor-role API access to specific namespaces
$allowed = ['/wp/v2/posts', '/wp/v2/pages', '/wp/v2/media', '/wp/v2/categories', '/wp/v2/tags'];
$route = $GLOBALS['wp']->query_vars['rest_route'] ?? '';
$permitted = false;
foreach ($allowed as $prefix) {
if (strpos($route, $prefix) === 0) {
$permitted = true;
break;
}
}
if (!$permitted) {
return new WP_Error('rest_forbidden', 'Endpoint not permitted for this user.', ['status' => 403]);
}
}
return $result;
});
This is belt-and-suspenders security: even if your Application Password leaks, the attacker can only hit the endpoints you've explicitly whitelisted.
Real Workflows: What You Can Actually Do
Publishing Workflow
You: Draft a post titled "2026 WooCommerce Checkout Trends" in the
"E-commerce" category, status draft, and add the excerpt:
"Five checkout patterns increasing conversion in 2026."
Claude: [calls create_post tool] → Post created (ID: 4821, status: draft)
Claude will confirm the post ID and a link to preview it. You can then say:
"Update post 4821 — change the status to pending review and add the tag 'checkout-ux'."
This is materially faster than navigating the Gutenberg UI for bulk metadata operations.
Content Auditing at Scale
This is where MCP genuinely earns its complexity. Ask Claude to:
"Get all posts published in the last 90 days. List any that are missing a meta description (empty
_yoast_wpseo_metadescfield) and any with a title over 60 characters."
Claude will iterate through the posts API, pulling metadata, and return a structured audit you can act on immediately. Work that used to require a plugin or a custom PHP script runs in under a minute.
For agencies managing multiple client sites, this pattern — combined with the multi-site config in mcp-wp — means you can run the same audit across ten sites and get a consolidated report without switching dashboards.
Bulk Category and Tag Cleanup
Taxonomy debt accumulates fast on long-running sites. Ask Claude:
"List all categories with fewer than 3 published posts assigned to them."
Then act on the results in the same conversation — merging, deleting, or reassigning in natural language. For context on managing multi-site setups where this taxonomy debt multiplies, see our guide on WordPress Multisite hosting and management.
Agency Configuration: Multi-Site MCP Setup
For agencies managing multiple client WordPress installations — which is the core use case for mcp-wp — configure each site as a named MCP server in claude_desktop_config.json:
{
"mcpServers": {
"client-acme": {
"command": "mcp-wp",
"args": ["--config", "/path/to/acme.json"]
},
"client-bravo": {
"command": "mcp-wp",
"args": ["--config", "/path/to/bravo.json"]
},
"client-charlie": {
"command": "mcp-wp",
"args": ["--config", "/path/to/charlie.json"]
}
}
}
Each .json config file holds the site URL and credentials for that client. Claude will show each as a separate tool context, and you can switch between them in the same conversation by addressing the tool explicitly.
Credential management for agencies: Use a secrets manager (1Password, Doppler, or AWS Secrets Manager) rather than committing credentials to config files. The mcp-wp binary supports environment variable interpolation in config files so you can reference $CLIENT_ACME_APP_PASSWORD rather than hardcoding it.
For the workflow layer above this — how to structure maintenance routines, plugin update testing, and reporting across many client sites — our WordPress agency workflow guide covers the full operational stack.
Hosting Considerations for MCP Compatibility
Not all WordPress hosting plays nicely with MCP-driven REST API usage. The issues we've seen most frequently:
Firewall false positives: WAFs that rate-limit or block REST API requests from non-browser user agents. Claude's MCP server sends requests with a non-standard user agent, which some WAFs flag as bot traffic. You'll need to whitelist the server's IP or configure the WAF to allow Application Password-authenticated requests unconditionally.
REST API disabled by security plugins: A common misconfiguration on budget shared hosting. Some hosts configure Wordfence or similar with aggressive REST API blocking as a default. This completely breaks MCP.
SSL certificate issues: Self-signed certs or expired certs will cause Node.js fetch to reject connections. MCP servers respect Node's SSL validation by default. TopSyde sites include automatic SSL renewal — one fewer thing to debug when setting this up.
Connection limits: On shared hosting, the MCP server's burst of API calls during a complex query can hit connection limits, causing 429 or 503 responses. Managed hosting with per-site resource allocation handles this cleanly.
If you're evaluating whether to move a client site to infrastructure where MCP integration is predictable, our comparison of managed vs. DIY WordPress hosting ROI covers the infrastructure tradeoffs in detail. TopSyde managed WordPress hosting starts at $89/mo per site and includes clean REST API access, no WAF-level interference with authenticated API requests, and 24/7 automated monitoring through TopSyde Sentinel.
Debugging Common MCP Connection Errors
| Error | Likely Cause | Fix |
|---|---|---|
401 Unauthorized | Wrong credentials or spaces in app password | Strip spaces from password in .env |
403 Forbidden | REST API blocked by security plugin | Whitelist app-password-auth in WAF config |
404 on /wp-json/ | Permalinks not flushed or pretty permalinks disabled | Set any permalink structure in WP Settings → Permalinks |
ECONNREFUSED | Wrong URL or site is down | Verify URL, check uptime |
SSL certificate error | Cert expired or self-signed | Renew cert or set NODE_TLS_REJECT_UNAUTHORIZED=0 (dev only) |
| Tools not appearing in Claude | Config JSON syntax error | Validate JSON at jsonlint.com |
500 on write operations | User lacks capability for that post type | Check user role; use editor or admin |
The 404 on /wp-json/ is surprisingly common and almost always a permalink issue. Go to Settings → Permalinks in wp-admin and click Save (without changing anything) to flush rewrite rules.
What MCP Doesn't Replace
MCP is an interface layer, not a CMS replacement. Claude cannot currently:
- Edit content visually in the block editor
- Handle media uploads larger than the MCP server's memory limit without streaming support (most servers buffer the whole file)
- Manage WooCommerce order fulfillment reliably (WC REST API is supported by
wordpress-mcpbut tool coverage is partial) - Replace a proper WordPress backup strategy — take a backup before any bulk write operation via MCP
According to the State of AI Developer Tools report (Stack Overflow, 2025), 67% of developers using AI coding assistants report that context window limits are their primary frustration with AI-driven automation — and this applies to MCP workflows too. When you're auditing hundreds of posts, Claude may need to paginate results across multiple tool calls. Build your prompts with this in mind: ask for batches of 20-50 posts at a time rather than "all posts ever."
According to WP Engine's WordPress Ecosystem Report (2025), approximately 43% of professional WordPress developers are now experimenting with AI-assisted content operations — but fewer than 8% have a structured MCP or API-driven workflow in production. The tooling is early; the opportunity is real.
Frequently Asked Questions
Is it safe to connect Claude to my WordPress site via MCP?
Yes, with proper credential scoping. The risk is not Claude making autonomous decisions — it requires your explicit prompts to take any action. The actual risk is overpermissioned credentials: if your Application Password is compromised, the attacker has the same access the MCP server does. Always use an editor-role user (not admin) and consider REST API endpoint allowlisting as described in this guide.
Does this work with WordPress.com sites?
WordPress.com has a separate REST API (api.wordpress.com) that does not fully conform to the open-source WP REST API spec. Most WordPress MCP servers target self-hosted WordPress (wordpress.org
Topics

Founder & Lead Developer
20+ years full-stack development, WordPress, AI tools & agents
Colton is the founder of TopSyde with 20+ years of full-stack development experience spanning WordPress, cloud infrastructure, and AI-powered tooling. He specializes in performance optimization, server architecture, and building AI agents for automated site management.



