Managing WordPress hosting through GoHighLevel gives you access to a powerful platform—but most agencies never tap into its full potential. The reason? They're still using the dashboard GUI for everything, missing out on the speed and control that SSH and WP-CLI command-line tools provide.
SSH (Secure Shell) unlocks direct server access, letting you execute commands instantly, automate bulk operations, and troubleshoot issues without waiting for support. If you're running multiple client sites or managing complex WordPress configurations, SSH access is the upgrade that separates efficient agencies from those stuck in manual workflows.
In this guide, I'll walk you through generating SSH keys, connecting securely to your GoHighLevel-hosted WordPress sites, and running essential WP-CLI commands that save hours every month. If you haven't explored GoHighLevel's full hosting capabilities yet, start with a free 30-day trial to see why thousands of agencies run their entire business on one platform.
Understanding SSH Access for WordPress Hosting
SSH (Secure Shell) is an encrypted protocol that gives you command-line access to your server. Unlike FTP or the WordPress dashboard, SSH lets you interact directly with your hosting environment—installing packages, running bulk operations, debugging server issues, and automating repetitive tasks.
For agencies managing multiple WordPress sites on GoHighLevel, this translates to real time savings. Instead of clicking through the dashboard to update plugins across 10 client sites, you run one WP-CLI command and it's done. Instead of waiting for support to help diagnose a server issue, you SSH in and investigate immediately.
GoHighLevel's hosting platform supports full SSH access with key-based authentication—the most secure method available. This means no passwords, no phishing risk, and full audit trails of who accessed what and when.
💡 Pro Tip
SSH key-based authentication is exponentially more secure than passwords. Once set up, you'll never expose credentials in plain text, and you can revoke access instantly by removing a key from the server.
How to Generate SSH Keys on macOS, Linux, and Windows
For macOS and Linux:
Open your terminal and run:
ssh-keygen -t ed25519 -C "[email protected]"
Press Enter when prompted for a file location (this saves to ~/.ssh/id_ed25519 by default). For the passphrase, you can leave it blank for automation purposes, or add one for extra security. The system generates two files: your private key (id_ed25519) and public key (id_ed25519.pub).
Never share your private key. The public key is what you upload to GoHighLevel.
For Windows (using PowerShell):
Modern Windows 10/11 includes OpenSSH. Open PowerShell as Administrator and run:
ssh-keygen -t ed25519 -C "[email protected]"
This creates keys in C:\Users\YourUsername\.ssh\ by default. Same process as macOS/Linux—follow the prompts and your keys are generated.
If you're on an older Windows system without OpenSSH, use PuTTY to generate keys instead. The principle is identical; the interface is just graphical.
Adding SSH Keys to Your GoHighLevel Dashboard
Once you've generated your keys, you need to upload the public key to GoHighLevel:
Step 1: Log into your GoHighLevel account and navigate to Settings → Integrations → Hosting (or similar—the exact path depends on your account layout).
Step 2: Find the SSH Keys section and click "Add New SSH Key."
Step 3: Copy your public key. On macOS/Linux, run:
cat ~/.ssh/id_ed25519.pub
On Windows PowerShell:
Get-Content C:\Users\YourUsername\.ssh\id_ed25519.pub
Step 4: Paste the entire public key (starting with "ssh-ed25519") into the GoHighLevel dashboard. Give it a descriptive name like "Agency Laptop" or "Development Machine."
Step 5: Save. GoHighLevel provisions the key across your hosting infrastructure within seconds.
This is built into GoHighLevel. Try it free for 30 days →
Connecting Securely to Your WordPress Server via SSH
Now that your SSH key is uploaded, connecting is straightforward. GoHighLevel provides you with:
- Host: Your server's IP or domain (provided in GoHighLevel)
- Port: Usually 22 (standard SSH port), but GoHighLevel may use a custom port—check your hosting settings
- Username: Typically your account username or a hosting-specific user (e.g., "wp-user")
On macOS or Linux:
ssh -i ~/.ssh/id_ed25519 your-username@your-server-ip
Replace your-username and your-server-ip with the actual values from GoHighLevel. If using a custom port:
ssh -i ~/.ssh/id_ed25519 -p 2222 your-username@your-server-ip
On Windows with PowerShell:
ssh -i C:\Users\YourUsername\.ssh\id_ed25519 your-username@your-server-ip
Once connected, you're in the command line on your server. Verify you're in the right place by running:
pwd
This shows your current directory. For WordPress, you're typically in /var/www/html or similar.
Essential WP-CLI Commands Every Agency Should Know
WP-CLI is a command-line interface for WordPress. It's likely already installed on your GoHighLevel hosting. Once SSH'd in, you can manage your WordPress sites at scale:
Update all plugins:
wp plugin update --all
Update WordPress core:
wp core update
Check WordPress version:
wp core version
List all installed plugins:
wp plugin list
Activate or deactivate plugins:
wp plugin activate plugin-name
wp plugin deactivate plugin-name
Reset a user password:
wp user update 1 --prompt=user_pass
Search and replace across the database:
wp search-replace 'old-url.com' 'new-url.com'
This is invaluable when migrating sites or changing domains. These commands eliminate the need for manual clicking and are exponentially faster at scale.
Best Practices for SSH Key Management and Security
1. Use Strong Passphrases (Optional but Recommended)
When generating keys, you can add a passphrase. This encrypts your private key file. If someone gains access to your computer, they can't use the key without the passphrase. For agency laptops accessing client sites, this is a smart precaution.
2. Rotate Keys Periodically
Every 6-12 months, generate a new SSH key pair and upload the new public key to GoHighLevel. Remove the old key from the dashboard. This limits the window of exposure if a private key is ever compromised.
3. Never Commit Private Keys to Version Control
If you use GitHub or GitLab, ensure your .ssh directory is in .gitignore. Accidentally pushing a private key online is a critical security breach.
4. Use Separate Keys for Different Machines
If your agency has multiple team members or machines, each should have its own SSH key. GoHighLevel allows you to add multiple keys to the same account. This lets you revoke access for one team member or compromised machine without affecting others.
5. Monitor SSH Access Logs
Periodically check your server logs for unauthorized SSH attempts. On your GoHighLevel server, you can review logs via SSH:
tail -f /var/log/auth.log
This shows recent login attempts and helps you spot suspicious activity immediately.