Skip to content

WordPress stack changelog

This is the changelog for WordPress stack deployed via Wodby, for docker4wordpress changes see GitHub releases page.


  • PHP:
    • Libraries update: ImageMagick, FreeType 2.9.1
    • OpenMP disabled in ImageMagick due to stability issues
    • Bugfix: xhprof (tideways) extension could not be enabled


  • PHP
    • ❗️Security updates: 7.2.10, 7.1.22, 7.0.32, 5.6.38
    • Added $PHP_PHAR_ env vars for Phar runtime configuration
    • Updated PHP extensions:
      • patch: apcu 5.1.12, ds 1.2.6, igbinary 2.0.7, xdebug 2.6.0
      • minor: mongodb 1.5.2, grpc 1.15.0
      • major: redis 4.1.1


  • Nginx:
    • New 50x error page, use $NGINX_ERROR_MESSAGE_50x to add a custom message
    • Env vars $NGINX_ERROR_PAGE_40x replaced to $NGINX_ERROR_40x_URI


  • PHP extension XHProf (tideways) updated to 5.0-beta2
  • Nginx:
    • Nginx no longer hides 50x errors by default on non-prod instances
    • Setting $NGINX_VHOST_PRESET to empty value now disables usage of any presets
    • New $NGINX_VHOST_NO_DEFAULTS to disable default rules for virtual host
    • New default 50x error page, new $NGINX_ERROR_MESSAGE_50x to add a message on this page
  • MariaDB patch update: 10.1.36
  • Solr patch update: 6.6.5
  • Varnish bugfix: flush action from dashboard failed
  • Adminer and Webgrind rebased to the latest stable php image


Do not add trailing slashes for non-directory requests


Upgrade instructions (from 5.1.0)

  • Nginx: if you overridden a virtual host config (via $NGINX_CONF_INCLUDE) you'll have to update it from the original /etc/nginx/conf.d/vhost.conf and re-apply your changes again

Changes since 5.1.0

  • Vanilla WordPress core updated to 4.9.8
  • PHP:
    • Patch updates: 7.2.9, 7.1.21, 7.0.31, 5.6.37
    • /var/www/html/vendor/bin added to $PATH
    • WP CLI upgraded to 2.0.0 and now freezed
    • Added bash completion for WP CLI
    • Added rdkafka extension
    • Added ~/.bash_profile for wodby user
    • PostgreSQL lib updated to 10.5
    • Bugfix: PHP 5.6 missed GMP library
    • Bugfix: incorrect owner on wodby's ~/.shrc, ~/.bashrc
    • Bugfix: entrypoint fails when command executed with --[flag]
    • Libraries and extensions versions moved out from env vars
  • Nginx:
    • Image wodby/wordpress-nginx has been replaced with wodby/nginx with $NGINX_VHOST_PRESET=wordpress
    • Nginx updated to 1.15.3
    • Rebased to Alpine Linux 3.8
    • New env vars $NGINX_ERROR_PAGE_ to customize 403/404 pages location
    • Extended list of static files extensions
    • New env vars NGINX_STATIC_ to control settings for handling static content
    • New env var NGINX_ALLOW_ACCESS_HIDDEN_FILES to control access to files starting with a dot
    • Added pseudo-streaming server-side for .flv, .mp4, .mov, .m4a files
    • Env vars $NGINX_STATIC_MP4_ for mp4 streaming configuration
    • Updated default values for open_file_cache settings
    • Default expires for static content set to 7d by default
    • Bugfix: overriding log format via $NGINX_LOG_FORMAT_OVERRIDE produced an error
  • Apache:
    • Image wodby/php-apache has been replaced with wodby/apache with $APACHE_VHOST_PRESET=php
    • Env var $APACHE_SERVER_ROOT renamed to $APACHE_DOCUMENT_ROOT (old name still supported)
    • MPM modules are now shared and can be changed (event is still the default)
  • MariaDB:
    • MariaDB patch updates: 10.3.9, 10.2.17, 10.1.35
    • Image rebased to Alpine Linux 3.8
    • Backup action performance improvement: no intermediate file created
    • ionice no longer used in orchestration actions
    • Bugfix: triggers duplicated during db dump
    • Bugfix: no privileges before import could cause failure
  • Varnish:
    • Image wodby/wordpress-varnish now replaced with wodby/varnish and $VARNISH_CONFIG_PRESET=wordpress
    • External purge now always restricted by purge key
    • Unrestricted purge from the internal network can be optionally enabled (enabled by default)
    • Cache for mobile devices can now be separated or disabled entirely
    • Big files (by default >10M) won't be cached by default
    • Static files cache disabled by default for all presets
    • All varnish-related headers now start with X-VC-, e.g. X-Varnish-Cache is now X-VC-Cache
    • Secondary storage can now be defined for all presets
    • List of static files extensions expanded
    • Analytics/marketing cookies and query params stripped, configurable
    • New env vars to optionally preserve all cookies and query params
    • Query params can be ignored to cache URLs as a single object
    • Purge method now can be changed to regex and exact (respects query params)
    • Hashes and trailing ? stripped from URL before passing to a backend
    • All AJAX requests not cached
    • Error pages 404 and >500 not cached with a configurable grace period
    • Env vars changed for presets (old => new), old variant still supported: VARNISH_ADMIN_SUBDOMAIN => VARNISH_WP_ADMIN_SUBDOMAIN"
    • Friendly varnish error message by default
  • Memcached returned as cache storage service option
  • OpenSMTPD patch update: 6.0.3



  • Vanilla WordPress core updated to 4.9.6
  • PHP
    • Added php tidy extension
    • Added tideways xhprof extension (disabled by default)
    • auto_prepend_file and auto_append_file are now configurable
    • Updated PHP extensions: GRPC 1.12.0, igbinary 2.0.6, mongodb 1.4.4
  • MariaDB:
    • New version 10.3 added (10.3.7)
    • MariaDB updates: 10.2.15, 10.1.34
    • optimizer_prune_level and optimizer_search_depth are now configurable
    • ⭐️ Default innodb_buffer_pool_size set to 128M that should significantly decrease memory usage by MariaDB container
    • Default innodb_buffer_pool_instances set to 1
  • Nginx:
    • Added new Nginx 1.15
    • ⭐️ Added mog_pagespeed module. Disabled by default, to enable add NGINX_PAGESPEED=on to nginx service
    • Added new modules:
  • Varnish
    • Environment variable VARNISHD_STORAGE_SIZE has been dropped, we no longer add a predefined secondary storage. You can now add your custom secondary storage via VARNISHD_SECONDARY_STORAGE
    • Unrestricted purge is now allowed in internal network (from containers within the same instance)
  • Webgrind: error reporting now exludes strict and deprecated errors, rebased to latest PHP 7.1 image

Upgrade instructions

  • ❗Make sure the new default size of innodb_buffer_pool_instances (128M) is enough for your project, see MariaDB stack documentation to learn how to calculate the optimal size of innodb_buffer_pool_size for your application


  • PHP:
    • Security update: 7.2.5, 7.1.17, 7.0.30, 5.6.36
    • New php extensions added: GMP and igbinary
    • APCu extension updated to 5.0.11 for PHP 7.x
    • APCu serialized is now configurable with $PHP_APCU_SERIALIZER
    • Shell prompt in PHP containers now shows current user, application name and instance name
    • Added new helper script files_chown
    • Bugfix: iconv implementation missing wodby/php#25
  • Varnish purge via HTTP is now unrestricted with a purge key, see updated docs
  • Added Nginx 1.14, patch update for 1.13
  • Nginx's underscores_in_headers is now configurable via $NGINX_UNDERSCORES_IN_HEADERS


  • PHP log errors max length set to unlimited
  • Bugfix: PHP errors didn't show up in the container output
  • Bugfix: APACHE_LIMITED_ACCESS support from 5.0.6 release was missing


  • Vanilla WordPress updated to 4.9.5 (security and maintenance release)


  • PHP 5.6 version returned



  • Apache:
    • Updated to 2.4.33 (security update)
    • New environment variable APACHE_LIMITED_ACCESS to remove Require all granted when you need to limit access by IP


  • Nginx updated to 1.13.10
  • PHP extension grpc updated to 1.10.0
  • Added environment variables for PHP session runtime configuration
  • Improved error reporting and progress messages for public files directory init
  • Bugfix: apache settings file didn't include when virtual host config overridden with APACHE_INCLUDE_CONF


  • Bugfix: vanilla WordPress didn't work with PHP 7.2
  • Bugfix: wp-admin/ with apache redirected to homepage
  • Bugfix: some caching plugins didn't work because of unsufficient permissions
  • Added APACHE_INCLUDE_CONF to override apache config
  • Database service is now optional in case you want to have a stand-alone DB server
  • Redis service is not included by default


  • Cron now runs from www-data user instead of wodby
  • files_chmod script now sets permissions with execution allowed only for directories


  • Bugfix: translation update fail due to insufficient permissions


  • PHP updated to 7.2.3, 7.1.15, 7.0.28 (security updates)
  • Bugfix: insufficient permissions for plugins update
  • Bugfix: missing ~/.ssh directory for www-data user required by some plugins


Changes since 4.4.1

  • All containers now have resources request as listed here in Resources column, in addition, crond has CPU limit
  • PHP:
    • Container default user has been changed to wodby (uid/gid 1000), see for more details
    • PHP updated to 7.2.2, 7.1.14, 7.0.27 (security updates)
    • Rebased to Alpine Linux 3.7
    • Now when your upgrade stack with a new version of vanilla WordPress, your source code will be updated
    • You can monitor PHP with NewRelic APM
    • allow_url_fopen and default_socket_timeout is now configurable
    • New php extensions added: newrelic, grpc, ds
    • Deprecated environment variables dropped (listed in 4.4.0 changes)
    • Added postgresql client bins (pg_dump, pg_restore, ...)
    • Added redis-cli
    • Updated php extensions: amqp 1.9.3, redis 3.1.6, mongodb 1.4.0, apcu 5.1.10
    • Environment variable WODBY_DIR_FILES replaced to FILES_DIR
    • Bugfix: cache clearing from dashboard didn't work for subdirectories
  • MariaDB:
    • Updated to 10.1.31, 10.2.12
    • Rebased to Alpine Linux 3.7
  • Nginx:
    • Updated to 1.13.9
    • Rebased to Alpine Linux 3.7
  • Redis:
    • Updated to 4.0.8
    • Bugfix: redis 4 init could not disable THP on some servers
  • OpenSMTPD:
    • Improved health check now runs smtp command
    • Messages queue is now persistent
  • Varnish:
    • The following environment variables changed names (old version no longer supported), DEPRECATED > NEW:
    • Changed default values:
      VARNISHD_PARAM_THREAD_POOL_MAX from 1000 to 5000
    • Added additional env vars that control varnishd params (
  • Bugfix: auth issue in Apache (

Upgrade instructions

  • Make sure you don't use any of deprecated environment variables in PHP (listed in 4.4.0 changes) and Varnish (listed above) otherwise update their names
  • If you used WODBY_DIR_FILES in your code replace it with FILES_DIR
  • Make sure the default cron container 512M RAM limit is enough for your cron jobs, otherwise increase it manually from service configuration page


  • Restored MariaDB 10.1 innodb_large_prefix setting (enabled by default) removed in 4.4.0



  • PHP:
    • New PHP 7.2
    • PHP updated to 7.1.12, 7.0.26
    • PHP extensions updated: memcached 3.0.4, ast 0.1.6
    • Added packages: tig, nano, tmux, less, libjpeg-turbo-utils
    • PHPunit deleted from image to avoid composer conflicts
    • Env vars naming fixes (old names still supported), old > new:
    • New -dev image tags (replacing -debug) for CI/CD (TBA)
    • Env var WODBY_HOST_PRIMARY value now contains host (instead of URL) as it should, WODBY_URL_PRIMARY has been added for the URL value. See environment variables section
    • Improved validation and error reporting for duplicator import
    • Git email and name now can be configured via environment variables
  • Nginx:
    • Nginx updated to 1.13.7, 1.12.2
    • Fixed broken health check
    • New env var NGINX_NO_DEFAULT_HEADERS to hide default headers
    • We now show request real IP in access logs
  • MariaDB:
    • New MariaDB 10.2.11
    • MariaDB updated to 10.1.29
    • Shutdown grace period increased to 5 minutes
    • Deployment strategy no longer can be changed
    • Optimized default config (my.cnf) values
    • New environment variables to configure recovery options
    • Default user/group in a container now mysql
    • Backup action now runs with nice and ionice to prioritize CPU and I/O time for this process
    • Improved error reporting during import
  • Redis:
    • Redis updated to 3.2.11, 4.0.2
    • Fixed init failure when there's no /sys/kernel/mm/transparent_hugepage/enabled
  • Global environment variables changes:
    • $WODBY_APP_NAME no longer contains instance machine name, only application machine name
    • $WODBY_ENVIRONMENT_ variables have been deprecated and replaced with $WODBY_INSTANCE_
    • New variables $WODBY_INSTANCE_UUID and $WODBY_APP_UUID
  • Varnish updated to 4.1.9
  • Apache updated to 2.4.29
  • Vanilla WordPress updated to 4.9.1
  • Health checks timeout increased to 30 seconds for all services
  • OpenSMTPD now supports relay auth without password
  • Files backup and mirroring actions now run with nice and ionice to prioritize CPU and I/O time for this process

Upgrade instructions

  • If you used $WODBY_APP_NAME update your code accordingly to the new value (machine name of the app)
  • If you used $WODBY_HOST_PRIMARY (now contains host instead of URL) before you should replace it to $WODBY_URL_PRIMARY
  • Upgrade downtime ~5 minutes


Changes since 3.x

  • All-new revamped containers consistent with docker4wordpress
  • Improved performance of containers (especially I/O)
  • Revamped orchestration with better logging and performance
  • Optional services now can be enabled/disabled on the working app
  • Services configuration via environment variables from the dashboard
  • This stack is now suited for container-based cluster
  • Log streaming is now available
  • Detailed log output for orchestration tasks
  • New services: apache, webgrind, blackfire, rsyslog, athenapdf

There's no backward compatibility with stacks 3.x