Posted inArtificial Intelligence

Teaching Otis to Manage WordPress

I taught my bot Otis a new skill that’s going to save me some time.

Otis, the OpenClaw bot, can pretty much do any repetitive task without a ton of help, but yesterday, it needed a bit of assistance.

Android lobster managing WordPress

I have a WordPress blog that I use to post some things including the prompts that I use daily, but of course I wanted Otis to manage things for me.

I often write pretty long posts on LinkedIn, but because they’re behind a registration wall, the tail (how long people see them) is short. So I end up with a lot of writing that could be placed in a more permanent place for additional audiences.

I asked my bot if it could manage WordPress for me and it gave me some basic instructions.

Why WordPress?

If you’re wondering why WordPress — I tried pretty much every way to create a blog. From Eleventy, to my own custom solution, to static site generators. I realized I just wanted to blog, not maintain software and do upgrades every time I wanted to write.

WordPress handles the infrastructure. I handle the writing. Simple.

The Problem: my hosting provider Was Blocking Everything

The WordPress REST API requires authentication for writing posts. The standard approach is Application Passwords — a WordPress feature that generates tokens specifically for API access.

But my blog is hosted on my hosting provider, and they have security layers that intercept requests before they reach WordPress. Otis kept getting 401 Unauthorized errors, even though everything was configured correctly.

We tried:

  • Basic Auth with Application Passwords — Rejected by my hosting provider security
  • Cookie authentication with nonces — Doesn’t work for external apps
  • Deactivating all plugins — No change
  • Creating a new admin user — Same problem

The my hosting provider hosting layer was stripping Authorization headers before they ever reached WordPress. Classic hosting “security” measure.

WordPress REST API debugging

The Options We Researched

Otis proposed several workarounds:

  • Jetpack API — Uses WordPress.com authentication instead of local REST API. Bypasses the hosting issue entirely.
  • Webhook plugins — WP Webhooks or AutomatorWP could accept posts via webhook instead of REST API.
  • Custom API endpoint plugin — A simple PHP plugin that creates a custom endpoint with token authentication.
  • WP-CLI via SSH — If my hosting provider provided SSH access, Otis could run wp post create commands directly.
  • Proxy services — Zapier, Make.com, or IFTTT as middleware.

The Solution: A Simple .htaccess Tweak

Before building a custom plugin, I made one last attempt. I modified the .htaccess file to explicitly allow Authorization headers through:

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

That was it. The REST API started working immediately.

One line in .htaccess saved us from building custom plugins, setting up webhooks, or switching hosting providers.

What Otis Can Now Do

With WordPress API access, Otis can:

  • Create posts — Draft, publish, or schedule
  • Upload images — Featured images and inline media
  • Manage categories and tags — Auto-categorize content
  • Update existing posts — Edit content after review
  • Read post history — Check what’s already published

The Workflow We Built

We created a linkedin-to-blog skill that:

  • Pulls my LinkedIn posts from Publer (which has the full history)
  • Filters for substantial content (not short link posts)
  • Uploads any images to WordPress
  • Creates an expanded blog draft with proper formatting
  • Sets the category automatically
  • Links back to the original LinkedIn post
Otis WordPress workflow

In one session, Otis converted 17 of my LinkedIn posts into WordPress drafts. That’s content that was stuck behind a paywall now indexed by search engines and available to a wider audience.

The Lesson: Not Replacement. Enhancement!

This is changing how I approach work entirely.

Otis isn’t replacing me. It’s doing things I’d never hire someone to do.

I combine Otis with other skills like Midjourney prompt generation. It helps me draft posts, and since it has access to my work, it can pull stats to supplement my writing — like how many LinkedIn posts I’ve written, which ones performed best, what topics I cover most.

These aren’t tasks I’d delegate to a human. I wouldn’t hire someone to:

  • Generate 20 custom Midjourney prompts for every article
  • Track my newsletter subscriptions and surface trends
  • Cross-post content across platforms with proper formatting
  • Maintain a running analysis of my content performance

But Otis does all of this automatically. It’s not a replacement. It’s an enhancer.

Your work is going to be higher caliber and easier. Not because AI takes your job, but because it handles the stuff you were never going to hire someone to do anyway.

Custom art. Technical research. Cross-posting. The tedious execution that bogs down creative work.

The future isn’t replacement. It’s augmentation at a scale that actually matters.

The hardest part wasn’t the API integration — it was the hosting security layer. Standard WordPress features don’t always work when hosts add their own restrictions.

But once we found the .htaccess fix, everything clicked. Otis now manages my blog as easily as it manages my calendar, email, and files.

If you’re running into similar issues with REST API access on shared hosting, check your .htaccess before building workarounds. The solution might be simpler than you think.