TopSyde
Get your free site auditStart Risk-Free

Control WordPress From Claude: MCP Server Setup Guide

Connect WordPress to Claude via MCP server: publish posts, manage content, and query site data in natural language. Setup guide with auth, scoping, and agency workflows.

Colton Joseph

Colton Joseph

Founder & Lead Developer

··12 min read

Last updated: July 9, 2026

Claude AI interface connected to a WordPress dashboard via MCP server, showing natural language content management

A WordPress MCP server exposes your site's REST API as structured tools that Claude can call directly — meaning you can publish posts, update metadata, query analytics, and manage plugins through natural language in Claude Desktop or any MCP-compatible client, without writing a single API wrapper yourself.

What Is a WordPress MCP Server?

A WordPress MCP server is a small Node.js or Python process that implements Anthropic's Model Context Protocol and translates Claude's tool calls into WordPress REST API requests. Claude doesn't speak REST natively — MCP gives it a defined interface to call discrete functions like create_post, get_posts, update_metadata, or list_plugins. The server handles authentication, request formatting, and error translation back to Claude.

If you're not yet clear on MCP as a concept — what it is, how tool registration works, and why it matters for connecting AI to business systems — read our MCP explainer for product builders first. This post assumes you understand the protocol and focuses entirely on WordPress-specific implementation.


Available WordPress MCP Servers (Mid-2026)

Three packages are worth evaluating. None are "official" Anthropic or WordPress Foundation projects, so vet them before production use.

PackageLanguageMaintainedWrite SupportMulti-siteStars (GitHub)
wordpress-mcp (wpmcp/wordpress-mcp)Node.jsYesFull CRUDPartial~1.2k
wp-mcp-server (automattic community fork)Node.jsYesRead + limited writeNo~640
mcp-wp (self-hostable, Go binary)GoActiveFull CRUD + plugin mgmtYes~310

wordpress-mcp is the most feature-complete for general content workflows. It exposes 18 tools covering posts, pages, media, taxonomies, users, and comments.

wp-mcp-server is safer for read-heavy use cases — suitable for pulling content data into Claude for analysis without write risk.

mcp-wp (Go binary) is the one to reach for if you're managing 10+ sites from a single server, since it supports multiple site configurations in one config file and has lower memory overhead.


How to Set Up WordPress MCP Server: Step by Step

Step 1: Create a WordPress Application Password

WordPress Application Passwords (introduced in WP 5.6) are the correct authentication mechanism here. Do not use your main admin password.

  1. Log in as an admin.
  2. Go to Users → Profile → Application Passwords.
  3. Create a dedicated editor-level user first (see the security section below), then generate the application password on that account — not your admin account.
  4. Copy the password immediately; it won't be shown again.

The credential format Claude's MCP server will use:

WP_URL=https://yoursite.com
WP_USERNAME=mcp-editor
WP_APP_PASSWORD=xxxx xxxx xxxx xxxx xxxx xxxx

Note the spaces — WordPress Application Passwords are displayed with spaces but the REST API accepts them with or without spaces. Strip them in your .env file to avoid parsing issues.

Step 2: Install the MCP Server Locally

Using wordpress-mcp:

npm install -g wordpress-mcp

Or run it with npx without global install (preferable for per-project isolation):

npx wordpress-mcp

For mcp-wp (Go binary):

brew install mcp-wp  # macOS
# or download the binary from GitHub releases for Linux/Windows

Step 3: Configure Claude Desktop

Open ~/Library/Application Support/Claude/claude_desktop_config.json on macOS (or the equivalent path on Windows/Linux) and add your server configuration:

{
  "mcpServers": {
    "my-wordpress-site": {
      "command": "npx",
      "args": ["wordpress-mcp"],
      "env": {
        "WP_URL": "https://yoursite.com",
        "WP_USERNAME": "mcp-editor",
        "WP_APP_PASSWORD": "xxxxxxxxxxxxxxxxxxxxxxxxxx"
      }
    }
  }
}

Restart Claude Desktop. You should see the WordPress tools listed when you click the tools icon in a new conversation.

Step 4: Test with Read Operations First

Before granting write access in real workflows, confirm the connection works with safe read operations:

"List the 5 most recent posts on my WordPress site and show me their titles, status, and publish dates."

If Claude returns structured data, your MCP server is connected and authenticated. If it returns an error, the most common causes are:

  • REST API disabled or blocked — some security plugins (Wordfence, iThemes) block unauthenticated REST requests. You may need to whitelist Application Password-authenticated requests specifically.
  • URL mismatch — trailing slashes matter. Match exactly what wp-json responds to.
  • Application Password not activated — some older hosting configurations have this disabled. On TopSyde, the REST API and Application Passwords are enabled and accessible by default.

Scoping Write Access Safely

This is the most important section of this guide. The security failure mode with WordPress MCP is not Claude going rogue — it's overpermissioned credentials.

Use a Dedicated Editor-Role User

Never connect your MCP server with admin credentials. Create a user with the editor role. Editors can:

  • Create, edit, publish, and delete posts and pages
  • Manage categories and tags
  • Upload media

Editors cannot:

  • Install or activate plugins
  • Change theme settings
  • Modify user accounts
  • Access sensitive options

For most content workflows, editor is exactly the right scope.

If You Need Plugin or Theme Management

mcp-wp (the Go binary) supports plugin listing and activation — but this requires admin credentials. If you enable this, scope it to a staging environment only, never production, and audit every session log.

REST API Endpoint Allowlisting

You can further restrict what the Application Password user can hit by adding a REST API filter to your functions.php or a site-specific plugin:

add_filter('rest_authentication_errors', function($result) {
    if (!is_user_logged_in()) {
        return $result;
    }
    $user = wp_get_current_user();
    if (in_array('editor', (array) $user->roles)) {
        // Restrict editor-role API access to specific namespaces
        $allowed = ['/wp/v2/posts', '/wp/v2/pages', '/wp/v2/media', '/wp/v2/categories', '/wp/v2/tags'];
        $route = $GLOBALS['wp']->query_vars['rest_route'] ?? '';
        $permitted = false;
        foreach ($allowed as $prefix) {
            if (strpos($route, $prefix) === 0) {
                $permitted = true;
                break;
            }
        }
        if (!$permitted) {
            return new WP_Error('rest_forbidden', 'Endpoint not permitted for this user.', ['status' => 403]);
        }
    }
    return $result;
});

This is belt-and-suspenders security: even if your Application Password leaks, the attacker can only hit the endpoints you've explicitly whitelisted.


Real Workflows: What You Can Actually Do

Publishing Workflow

You: Draft a post titled "2026 WooCommerce Checkout Trends" in the 
"E-commerce" category, status draft, and add the excerpt: 
"Five checkout patterns increasing conversion in 2026."

Claude: [calls create_post tool] → Post created (ID: 4821, status: draft)

Claude will confirm the post ID and a link to preview it. You can then say:

"Update post 4821 — change the status to pending review and add the tag 'checkout-ux'."

This is materially faster than navigating the Gutenberg UI for bulk metadata operations.

Content Auditing at Scale

This is where MCP genuinely earns its complexity. Ask Claude to:

"Get all posts published in the last 90 days. List any that are missing a meta description (empty _yoast_wpseo_metadesc field) and any with a title over 60 characters."

Claude will iterate through the posts API, pulling metadata, and return a structured audit you can act on immediately. Work that used to require a plugin or a custom PHP script runs in under a minute.

For agencies managing multiple client sites, this pattern — combined with the multi-site config in mcp-wp — means you can run the same audit across ten sites and get a consolidated report without switching dashboards.

Bulk Category and Tag Cleanup

Taxonomy debt accumulates fast on long-running sites. Ask Claude:

"List all categories with fewer than 3 published posts assigned to them."

Then act on the results in the same conversation — merging, deleting, or reassigning in natural language. For context on managing multi-site setups where this taxonomy debt multiplies, see our guide on WordPress Multisite hosting and management.


Agency Configuration: Multi-Site MCP Setup

For agencies managing multiple client WordPress installations — which is the core use case for mcp-wp — configure each site as a named MCP server in claude_desktop_config.json:

{
  "mcpServers": {
    "client-acme": {
      "command": "mcp-wp",
      "args": ["--config", "/path/to/acme.json"]
    },
    "client-bravo": {
      "command": "mcp-wp",
      "args": ["--config", "/path/to/bravo.json"]
    },
    "client-charlie": {
      "command": "mcp-wp",
      "args": ["--config", "/path/to/charlie.json"]
    }
  }
}

Each .json config file holds the site URL and credentials for that client. Claude will show each as a separate tool context, and you can switch between them in the same conversation by addressing the tool explicitly.

Credential management for agencies: Use a secrets manager (1Password, Doppler, or AWS Secrets Manager) rather than committing credentials to config files. The mcp-wp binary supports environment variable interpolation in config files so you can reference $CLIENT_ACME_APP_PASSWORD rather than hardcoding it.

For the workflow layer above this — how to structure maintenance routines, plugin update testing, and reporting across many client sites — our WordPress agency workflow guide covers the full operational stack.


Hosting Considerations for MCP Compatibility

Not all WordPress hosting plays nicely with MCP-driven REST API usage. The issues we've seen most frequently:

Firewall false positives: WAFs that rate-limit or block REST API requests from non-browser user agents. Claude's MCP server sends requests with a non-standard user agent, which some WAFs flag as bot traffic. You'll need to whitelist the server's IP or configure the WAF to allow Application Password-authenticated requests unconditionally.

REST API disabled by security plugins: A common misconfiguration on budget shared hosting. Some hosts configure Wordfence or similar with aggressive REST API blocking as a default. This completely breaks MCP.

SSL certificate issues: Self-signed certs or expired certs will cause Node.js fetch to reject connections. MCP servers respect Node's SSL validation by default. TopSyde sites include automatic SSL renewal — one fewer thing to debug when setting this up.

Connection limits: On shared hosting, the MCP server's burst of API calls during a complex query can hit connection limits, causing 429 or 503 responses. Managed hosting with per-site resource allocation handles this cleanly.

If you're evaluating whether to move a client site to infrastructure where MCP integration is predictable, our comparison of managed vs. DIY WordPress hosting ROI covers the infrastructure tradeoffs in detail. TopSyde managed WordPress hosting starts at $89/mo per site and includes clean REST API access, no WAF-level interference with authenticated API requests, and 24/7 automated monitoring through TopSyde Sentinel.


Debugging Common MCP Connection Errors

ErrorLikely CauseFix
401 UnauthorizedWrong credentials or spaces in app passwordStrip spaces from password in .env
403 ForbiddenREST API blocked by security pluginWhitelist app-password-auth in WAF config
404 on /wp-json/Permalinks not flushed or pretty permalinks disabledSet any permalink structure in WP Settings → Permalinks
ECONNREFUSEDWrong URL or site is downVerify URL, check uptime
SSL certificate errorCert expired or self-signedRenew cert or set NODE_TLS_REJECT_UNAUTHORIZED=0 (dev only)
Tools not appearing in ClaudeConfig JSON syntax errorValidate JSON at jsonlint.com
500 on write operationsUser lacks capability for that post typeCheck user role; use editor or admin

The 404 on /wp-json/ is surprisingly common and almost always a permalink issue. Go to Settings → Permalinks in wp-admin and click Save (without changing anything) to flush rewrite rules.


What MCP Doesn't Replace

MCP is an interface layer, not a CMS replacement. Claude cannot currently:

  • Edit content visually in the block editor
  • Handle media uploads larger than the MCP server's memory limit without streaming support (most servers buffer the whole file)
  • Manage WooCommerce order fulfillment reliably (WC REST API is supported by wordpress-mcp but tool coverage is partial)
  • Replace a proper WordPress backup strategy — take a backup before any bulk write operation via MCP

According to the State of AI Developer Tools report (Stack Overflow, 2025), 67% of developers using AI coding assistants report that context window limits are their primary frustration with AI-driven automation — and this applies to MCP workflows too. When you're auditing hundreds of posts, Claude may need to paginate results across multiple tool calls. Build your prompts with this in mind: ask for batches of 20-50 posts at a time rather than "all posts ever."

According to WP Engine's WordPress Ecosystem Report (2025), approximately 43% of professional WordPress developers are now experimenting with AI-assisted content operations — but fewer than 8% have a structured MCP or API-driven workflow in production. The tooling is early; the opportunity is real.


Frequently Asked Questions

Is it safe to connect Claude to my WordPress site via MCP?

Yes, with proper credential scoping. The risk is not Claude making autonomous decisions — it requires your explicit prompts to take any action. The actual risk is overpermissioned credentials: if your Application Password is compromised, the attacker has the same access the MCP server does. Always use an editor-role user (not admin) and consider REST API endpoint allowlisting as described in this guide.

Does this work with WordPress.com sites?

WordPress.com has a separate REST API (api.wordpress.com) that does not fully conform to the open-source WP REST API spec. Most WordPress MCP servers target self-hosted WordPress (wordpress.org

Colton Joseph
Colton Joseph

Founder & Lead Developer

20+ years full-stack development, WordPress, AI tools & agents

Colton is the founder of TopSyde with 20+ years of full-stack development experience spanning WordPress, cloud infrastructure, and AI-powered tooling. He specializes in performance optimization, server architecture, and building AI agents for automated site management.

Related Articles

View all →

For agencies

Managing WordPress for clients?

White-label portal, volume pricing as low as $67/site/mo, and a senior developer behind every site. Your clients see your brand — we do the work.

Flat $89/mo per site · Free migration · 30-day money-back guarantee