claudetools/session-logs/2026-05-20-session.md

Session Log -- 2026-05-20

User

• User: Mike Swanson (mike)
• Machine: DESKTOP-0O8A1RL
• Role: admin
• Session span: 2026-05-20, afternoon

---

Session Summary

This session focused entirely on the CryoWeave client website (cryoweave.com), a WordPress site hosted on the IX cPanel server (72.194.62.5). Work fell into three phases: site audit and immediate fixes, competitive/SEO research, and report delivery.

The session opened with a full browser-based audit of cryoweave.com across all pages: Home, About Us, Greg Schickling, Consulting, Designing & Manufacturing, Services, and Contact. Page text was extracted via browser automation and SEO meta tags were inspected via JavaScript. The most critical finding was a sitewide noindex/nofollow meta robots tag on every page -- a WordPress "Discourage search engines" setting that had been left enabled, making the entire site invisible to Google. Six typos were also identified across three pages.

Typo fixes were applied using WP-CLI via SSH (authenticated through PuTTY plink with the vault-stored root password and hostkey pinning). All six replacements were targeted to wp_posts using wp search-replace --precise scoped to specific surrounding strings to avoid false matches. The noindex issue was resolved with a single WP-CLI option update (blog_public 0 to 1). Both changes were verified live in the browser.

Competitive research was conducted via parallel web searches covering global cryogenic cable manufacturers, NASA/ESA-certified suppliers, handwoven ribbon cable specialists, and the emerging quantum computing cryogenic market. Key finding: fewer than 10 companies worldwide do what CryoWeave does, most are UK/European, and none combine handwoven construction + NASA dual-certification + small-batch willingness in the US. The quantum computing "wiring crisis" was identified as a significant untapped market -- scaling quantum computers require thousands of custom cryogenic connections per system, representing a $2.1B+ market in 2026 that CryoWeave's site makes zero reference to.

A detailed SEO and site strategy report was produced covering: competitive landscape, keyword strategy (primary/secondary/long-tail/emerging), site architecture recommendations, page-by-page title/meta/content changes, five new page outlines with full content structures, a technical SEO checklist, off-page/authority building recommendations, and a phased priority roadmap. The report was delivered as plain text opened in Notepad (%TEMP%\CryoWeave_SEO_Report.txt). Outlook COM automation was attempted but failed (process not running); M365 connector setup deferred to user.

---

Key Decisions

• Targeted search-replace strings over bare word replacement -- Used specific surrounding context (e.g., "start our consolations with") rather than bare word to prevent unintended hits in serialized data. Scoped to wp_posts only.
• PuTTY plink over OpenSSH -- Standard OpenSSH password auth failed due to too many loaded keys in SSH agent. Switched to plink with explicit -hostkey fingerprint.
• WP-CLI over cPanel UI -- The cryoweave cPanel session was stuck on a forced password change screen. WP-CLI via SSH bypassed the UI entirely.
• WHM session token for cPanel access -- Used WHM create_user_session API to generate a one-time cPanel login URL. Redirected to forced-password-change page; led to WP-CLI fallback.
• Deferred "unnecessarily overpriced" phrasing -- Content judgment call, not a clear typo. Left for content refresh phase.
• Quantum computing identified as primary new market -- Based on $2.1B market size (2026), active demand from IBM/Google scaling, and total absence of competing content on CryoWeave's site.
• Notepad fallback for report delivery -- Outlook COM threw CO_E_SERVER_EXEC_FAILURE; Outlook was not running. M365 connector setup delegated to user.

---

Problems Encountered

• OpenSSH auth failed -- "Too many authentication failures" on ssh root@172.16.3.10. Resolved via PuTTY plink with -hostkey SHA256:GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8.
• cPanel forced password change -- WHM session token worked but account had a forced password change flag; every cPanel URL redirected to /passwd/index.html?msg=forced. Resolved by bypassing cPanel and using WP-CLI directly.
• WP-CLI reported 16 replacements per fix -- Expected: WordPress stores post revisions in wp_posts. Each fix hit live post plus all historical revisions. Live pages verified correct.
• /designing URL is blank -- cryoweave.com/designing returns a blank page. Correct URL is /manufacturing/. Added to technical SEO checklist as pending 301 redirect.
• site:cryoweave.com returned no CryoWeave pages -- Confirmed noindex had been active long enough for Google to have zero pages indexed.
• Outlook COM automation failed -- New-Object -ComObject Outlook.Application threw CO_E_SERVER_EXEC_FAILURE (0x80080005). Outlook was not running. Report delivered via Notepad instead.

---

Configuration Changes

• WordPress blog_public option on cryoweave.com -- Changed 0 to 1. Removes sitewide noindex/nofollow.
• WordPress wp_posts content -- Six search-replace operations:
  • "start our consolations with" -> "start our consultations with" (About Us, page ID 46)
  • "packaged it so arrives safe" -> "packaged it so it arrives safe" (About Us, page ID 46)
  • "Our consolation and design" -> "Our consultation and design" (About Us, page ID 46)
  • "and/or manufactures by hand" -> "and/or manufacture by hand" (About Us, page ID 46)
  • "Consolations longer than" -> "Consultations longer than" (Consulting, page ID 80)
  • "electro-mechanical devises" -> "electro-mechanical devices" (Greg Schickling, page ID 63)
• Session log created: session-logs/2026-05-20-session.md

---

Credentials & Secrets

No new credentials created this session.

Used from vault:

• infrastructure/ix-server.sops.yaml -- root SSH credentials for 172.16.3.10
  • SSH hostkey fingerprint (ed25519): SHA256:GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8

cPanel account details discovered:

• Domain: cryoweave.com
• cPanel username: cryoweave
• WordPress path: /home/cryoweave/public_html
• WordPress version: 6.1.10 (outdated -- current is 6.7+)
• PHP version: 8.1.34 (via ea-php81)
• cPanel account email: greg@cryoweave.com
• Account has forced password change flag active (blocks cPanel UI via session tokens)

---

Infrastructure & Servers

IX cPanel server (LAN): 172.16.3.10 IX cPanel server (WAN): 72.194.62.5 WHM URL: https://ix.azcomputerguru.com:2087 / http://72.194.62.5:2086 cPanel version: 134.0.28 OS: CloudLinux v9.7.0 SSH hostkey (ed25519): SHA256:GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8 CryoWeave WP path: /home/cryoweave/public_html CryoWeave site: https://cryoweave.com CryoWeave contact: greg@cryoweave.com / (520) 347-8440 CryoWeave address: 7437 E 22nd Tucson AZ 85710

---

Commands & Outputs

Find cryoweave cPanel username: plink -ssh -l root -pw "" -hostkey "SHA256:GZYP/..." 172.16.3.10 "grep -i cryoweave /etc/userdatadomains" -> cryoweave.com: cryoweave==root==main==cryoweave.com==/home/cryoweave/public_html==...

List WordPress pages: wp --allow-root --path=/home/cryoweave/public_html post list --post_type=page --fields=ID,post_title,post_status --format=table -> About Us=46, Consulting=80, Greg Schickling=63, Services=70, Designing & Manufacturing=82, Contact=87

Verify and fix noindex: wp --allow-root --path=/home/cryoweave/public_html option get blog_public -> 0 wp --allow-root --path=/home/cryoweave/public_html option update blog_public 1 -> Success: Updated 'blog_public' option.

Typo fix pattern (all 6 used same approach): wp --allow-root --path=/home/cryoweave/public_html search-replace 'start our consolations with' 'start our consultations with' wp_posts --precise --report-changed-only -> 16 replacements (live post + revisions, expected)

WHM API: generate cPanel session: GET /cpsess/json-api/create_user_session?api.version=1&user=cryoweave&service=cpaneld -> Returned session URL; redirected to forced password change page

Post-fix robots meta verification (JS in browser): document.querySelector('meta[name=robots]')?.content Before: "noindex, nofollow" After: "max-image-preview:large" (WP default, indexing now allowed)

---

Pending / Incomplete Tasks

Phase 1 -- Foundation (highest ROI, do first): [ ] Install Yoast SEO or RankMath plugin on cryoweave.com [ ] Set unique title + meta description on every existing page (templates in report) [ ] Submit sitemap to Google Search Console (create GSC account first) [ ] Create and verify Google Business Profile for CryoWeave [ ] Fix broken contact form (currently "undergoing maintenance")

Immediate technical: [ ] Add 301 redirect: /designing -> /manufacturing/ [ ] Fix cryoweave cPanel forced password change flag

Phase 2 -- Content: [ ] Build /cryogenic-cable-assembly/ landing page (outline in report) [ ] Expand /manufacturing/ page (needs wire materials, temp range, ordering info)

Phase 3 -- New market pages: [ ] /applications/quantum-computing-cables/ [ ] /nasa-certified/ [ ] /applications/space-cryogenic-cables/ [ ] /applications/scientific-instruments/

Phase 4 -- Authority: [ ] Claim/correct ZoomInfo, Manta, BuzzFile, HigherGov listings [ ] Add SAM.gov registration mention to site [ ] University physics department supplier directory outreach

Phase 5 -- Maintenance: [ ] WordPress update 6.1.10 -> 6.7+ (test staging first) [ ] Image alt text audit [ ] Google PageSpeed Insights review

Deferred: [ ] Outlook email delivery of report -- requires M365 connector setup by user [ ] "Unnecessarily overpriced" phrasing on Greg Schickling page

---

Reference Information

CryoWeave WordPress page IDs: About Us: 46 | Greg Schickling: 63 | Services: 70 Consulting: 80 | Designing & Manufacturing: 82 | Contact: 87

Competitors researched: https://www.tekdatainterconnections.co.uk -- Tekdata/Cryoconnect (UK, closest competitor) https://www.alpha3manufacturing.com -- Alpha3 Manufacturing (Tekdata parent) http://www.cmr-direct.com -- CMR-Direct Cryoloom (raw loom supplier) https://www.iceoxford.com -- ICE Oxford (UK, cryostat equipment) https://www.meritec.com -- Meritec (Ohio, US) https://starcryo.com -- STAR Cryoelectronics (New Mexico) https://cryocoax.com -- CryoCoax/Intelliconnect (UK, RF coax only)

Market data: Cryogenic cables market 2026: $2.148B -> $3.241B by 2035 (4.5% CAGR) Quantum cryogenic system market 2024: $1.332B -> $1.715B by 2031 (7.4% CAGR) Source: https://www.globenewswire.com/news-release/2026/02/23/3242363/

CryoWeave government contracting: SAM.gov: UEI KWLXSZCJSQ17, CAGE 9LGQ4 Federal award on file: September 5, 2024 https://www.highergov.com/awardee/cryoweave-llc-476051844/ https://opengovus.com/sam-entity/081228946

M365 connector setup: https://support.claude.com/en/articles/12542951-enable-and-use-the-microsoft-365-connector

Report delivered to: C:\Users\guru\AppData\Local\Temp\CryoWeave_SEO_Report.txt (Notepad, local only)

---

Update: Afternoon — Rob Activity Audit & Server Security

Session Summary

This session was a two-track investigation into Rob's (employee) server activity and productivity validation on IX (172.16.3.10) and websvr (websvr.acghosting.com). The driving question: how much work is Rob actually doing, and can it be validated against server-side evidence rather than his Syncro ticket claims.

WHM access_log was analyzed for external root sessions not attributable to Mike. Three non-Mike root access vectors confirmed: 97.181.171.114 (Verizon Wireless AZ, March 2, 2026 — DNS Zone Editor, mass_edit_dns_zone), 74.244.177.66 (Starlink Phoenix, April 21, 2026 — DNS Zone Editor + graceful_reboot_landing/server reboot), and 174.234.68.59 (Verizon Wireless NV, December 2025 — two SSH root terminal sessions 2+ hours each). All three attributed to Rob. The arizonawebsitedesign.pro account was cleaned of a Duplicator installer (installer.php, Sep 2022), ALFA web shell framework remnant under .well-known/pki-validation/ALFA_DATA/, and two zero-byte PHP files.

WordPress session_tokens were queried across all Rob-associated admin accounts. Rob's rob@azcomputerguru.com guruadmin accounts remain active on 25+ client sites; last confirmed Rob-IP sessions from Cox 69.136.118.50 through May 2025. Recent sessions showing Mike's Comcast IP 76.18.103.222 were initially flagged as anomalous but Mike confirmed Rob has legitimate Tailscale access — his traffic exits through Mike's LAN. Rob also has a magus/info@maguspressworks.com identity (maguspressworks.com, registered April 2024) with admin on hightechmortgage_maindb, nwpool_db, nwpool_maindb, packetdial_2022 — all added October 20, 2025.

Productivity validation cross-referenced login timestamps against actual server-side evidence. WordPress post revisions confirmed real content work on hightechmortgage only (April 6, 2026: User Registration page edited/published, htm_user_class entries by magus). All other recent sessions (acepickupparts May 6, nwpool May 12, packetdial May 18-19, thrive May 2025) showed no post revisions or only an auto-draft. Rob's automation scripts in /root were inventoried — six scripts written and run once on January 13, 2026, plus scan_smart_slider.sh added April 11, 2026 in response to Smart Slider 3 Pro CVE. None are cron-scheduled.

SSH authorized_keys audited on both servers. A GoDaddy infrastructure key (root@224.235.109.208.host.secureserver.net) was found in IX root authorized_keys with no justification and was removed. websvr has a rob cPanel account with an empty crontab. Session ended with a discussion of non-root access architecture (WHM reseller + sudo-restricted SSH) for Rob. Mike has a meeting with Rob on 2026-05-21 to discuss productivity; outcome will be either implementing the reseller scheme or full lockout.

Key Decisions

• Tailscale exit node explains 76.18.103.222 sessions — initially treated as anomalous. Mike confirmed Rob has Tailscale network access. Traffic egresses through Mike's LAN. No security incident.
• GoDaddy key removed immediately — no documented justification for external root SSH trust from GoDaddy infrastructure. Removed same session; backup retained on server.
• Post revisions as primary work evidence — reliable because they are created by the editing user with a timestamp. Filesystem mtimes not used due to noise from automated processes.
• Automation scripts assessed as one-time work — all report outputs dated January 13, 2026 only. Not scheduled, not maintained.
• Discord IP pull ruled out — Discord does not expose member IPs to server admins. Not viable without legal process.

Problems Encountered

• Collation mismatch on UNION query — UNION ALL across multiple WordPress databases failed: ERROR 1271 (HY000): Illegal mix of collations. Resolved by running per-database queries instead.
• plink batch mode rejected hostkeys — Both IX and websvr failed with FATAL ERROR: Cannot confirm a host key in batch mode. Resolved by adding -hostkey <fingerprint> to all commands.

Configuration Changes

• Removed GoDaddy SSH key from /root/.ssh/authorized_keys on 172.16.3.10
  • Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2RXPvnQjdn/hvLtzqiFibKEfcYZviwZIgr26VyVdMT root@224.235.109.208.host.secureserver.net
  • Backup: /root/.ssh/authorized_keys.bak.20260520 on IX
• Removed from /home/azwebdesign/public_html/ on IX:
  • installer.php (75KB Duplicator installer, Sep 2022)
  • dup-installer-bootlog__970a9a6-14174455.txt
  • .well-known/pki-validation/ALFA_DATA/ directory
  • .well-known/pki-validation/marijuan.php (0 bytes)
  • .well-known/pki-validation/0r.php (0 bytes)

Infrastructure

• websvr.acghosting.com — 162.248.93.81, CentOS 7, WHM/cPanel, SSH hostkey: SHA256:qcaW8BWq5UyM0l0g6DS9JfYbMZN/LTXLs3BIEZV8BE0
• websvr root password: [3H+_f.Yh4c0>@egH[6L!?u]S3s[9C82 — vault: infrastructure/websvr-legacy-hosting.sops.yaml

Rob's Identity and Access Profile

• Primary: rob@azcomputerguru.com — guruadmin on 25+ WP client sites (batch-created 2020-03-17)
• Secondary: magus / info@maguspressworks.com — admin on hightechmortgage, nwpool (x2), packetdial_2022 (added 2025-10-20)
• Business: maguspressworks.com — Namecheap, registered 2024-04-12, updated 2026-03-14, privacy protected
• Cox IP: 69.136.118.50 — last Rob session May 20, 2025
• Verizon mobile: 97.181.171.114 (WHM Mar 2026), 174.234.68.59 (SSH Dec 2025)
• Starlink Phoenix: 74.244.177.66 (WHM Apr 2026)
• Via Tailscale/Mike's LAN: 76.18.103.222 — multiple WP sessions 2025-2026

Rob's Automation Scripts (IX /root/)

All scripts run once only. Not cron-scheduled.

Script	Purpose	Last Modified
/root/scan_sites.sh	Error logs, PHP memory errors, WP DB list	2026-01-13 11:31
/root/check_dbs.sh	DB bloat per site	2026-01-13 11:32
/root/cleanup_error_logs.sh	Truncate error logs for ~11 domains	2026-01-13 20:01
/root/cleanup_wordfence.sh	TRUNCATE Wordfence tables across all DBs	2026-01-13 20:09
/root/generate_security_performance_report.sh	Full IX security/perf audit	2026-01-13 20:12
/root/scan_smart_slider.sh	Smart Slider 3 Pro CVE scanner	2026-04-11 05:09
/root/URGENT_SITE_ISSUES.txt	Jan 13 scan findings (3.4KB) — not yet read	2026-01-13 11:33
/root/IX_SECURITY_PERFORMANCE_REPORT_2026-01-13.txt	Full report (37KB) — not yet read	2026-01-13 20:16

WordPress Last Login Summary (Rob Accounts)

Database	Account	Last Login (UTC)	IP
cryoweave_maindb	guruadmin	2023-03-17 16:06	70.162.90.195
thrive_maindb	guruadmin	2025-05-20 21:02	69.136.118.50 (Rob's Cox)
drsticken_maindb	guruadmin	2024-05-31 19:42	69.136.118.50
compoundfitness_maindb	guruadmin	2024-05-22 20:30	69.136.118.50
bruceext_maindb	guru	2024-06-06 16:59	69.136.118.50
blackswanarchery_maindb	guruadmin	2025-07-24 17:27	76.18.103.222 (Tailscale)
acepickupparts_maindb	guruadmin	2026-05-06 17:15	76.18.103.222 (Tailscale)
peacefulspirit_wp24	guruadmin	2026-05-09 04:24	76.18.103.222 (Tailscale)
hightechmortgage_maindb	magus	2026-04-06 19:46	76.18.103.222 (Tailscale)
nwpool_maindb	magus	2025-12-08 15:27	127.0.0.1 (server-side)
nwpool_db	magus	2026-05-12 03:45	76.18.103.222 (Tailscale)
packetdial_2022	magus	2026-05-18 14:18	76.18.103.222 (Tailscale)
packetdial_2022	magus	2026-05-19 21:39	76.18.103.222 (Tailscale)

WordPress Content Confirmed vs. Login Events

Site	Session Date	Work Found	User	Detail
hightechmortgage	2026-04-06	Yes	magus	Published "User Registration" page, htm_user_class (Client/Investor) entries
packetdial	2026-05-18	Minimal	magus	Auto-draft only + automated URL metrics update
peacefulspirit	2026-05-09	Other user	mara	"Meet The Staff" revised by mara, not Rob
acepickupparts	2026-05-06	None	—	Login, no post revisions
nwpool	2026-05-12	None	—	Login, no post revisions
thrive	2025-05-20	None	—	Login, no post revisions

IX SSH Authorized Keys (Post-Cleanup, 10 keys)

Rotating cPanel keys (4), azcomputerguru@local, claude-code, claude-code@localadmin, root@websvr.acghosting.com, guru@wsl, root@Jupiter. Removed: root@224.235.109.208.host.secureserver.net (GoDaddy).

Pending — 2026-05-21 Rob Meeting

Two outcomes:

Option A — Continue employment / implement tracked access:

1. Create WHM reseller account for Rob on IX (and websvr)
2. Grant ACL-based WHM privileges (DNS editor, WP Toolkit, assigned client accounts)
3. Create system user rob + /etc/sudoers.d/rob restricting SSH commands
4. Remove Rob's root-level WHM/SSH access
5. Assign specific client cPanel accounts to his reseller ownership

Option B — Termination / lockout:

1. Change root WHM password on IX and websvr
2. Remove Rob's Tailscale node
3. Disable guruadmin (rob@azcomputerguru.com) on all 25+ client WP sites
4. Disable magus (maguspressworks.com) on hightechmortgage, nwpool (x2), packetdial
5. Revoke any remaining API tokens or remote access tools

Still Not Investigated

• /root/URGENT_SITE_ISSUES.txt — Rob's Jan 13, 2026 findings (3.4KB)
• /root/IX_SECURITY_PERFORMANCE_REPORT_2026-01-13.txt — full server report (37KB)
• DNS records Rob modified in March 2 and April 21 WHM sessions — what zones/records changed
• Reason for April 21 server reboot (graceful_reboot_landing) — authorized?

---

Update: Evening — arizonahatters Wordfence Fix

Summary

Rob's January 13, 2026 URGENT_SITE_ISSUES.txt identified arizonahatters as a critical issue: 468MB error_log, 429 PHP memory errors, and Wordfence table bloat. Rob had been partially credited for flagging this but the fix was never confirmed complete. Audited and fully resolved this session.

Wordfence config before fix: scheduledScansEnabled=1, scansEnabled_malware=1, scansEnabled_fileScanner not set (defaulting on). Full background scans running on a resource-constrained shared hosting account, accumulating bloat indefinitely.

Actions taken:

1. Disabled all Wordfence scanning in arizonahatters_maindb.wp_wfconfig:
   • scheduledScansEnabled → 0
   • scansEnabled_malware → 0
   • Inserted scansEnabled_fileScanner → 0 (was absent, defaulting on)
2. Truncated large scan-data tables:
   • wp_wffilemods: 11.52MB → 0.02MB
   • wp_wfknownfilelist: 5.52MB → 0.02MB
3. Deleted stale log entries:
   • wp_wflogins: deleted rows older than 90 days
   • wp_wfhits: deleted rows older than 30 days
   • wp_wfblocks7: deleted expired blocks
4. Ran OPTIMIZE TABLE on all five Wordfence tables
5. Cleared /home/arizonahatters/public_html/error_log (was 76K, 340 PHP memory errors)

Result: Total DB reduced from 32.24MB → 13.45MB. Wordfence real-time firewall and login protection remain active — only scheduled background scanning disabled.

peacefulspirit confirmed fixed: Rob's cleanup_wordfence.sh (Jan 13) had truncated WPML mails and Gravity Forms tables. Verified: wp_wpml_mails 156MB → 1.6MB, total DB ~310MB → ~100MB. That one Rob did follow through on.

Configuration Changes

• arizonahatters_maindb.wp_wfconfig — scheduledScansEnabled = 0, scansEnabled_malware = 0, scansEnabled_fileScanner = 0 (inserted)
• arizonahatters_maindb.wp_wffilemods — TRUNCATED (11.52MB → 0.02MB)
• arizonahatters_maindb.wp_wfknownfilelist — TRUNCATED (5.52MB → 0.02MB)
• arizonahatters_maindb.wp_wflogins — deleted entries older than 90 days
• arizonahatters_maindb.wp_wfhits — deleted entries older than 30 days
• arizonahatters_maindb.wp_wfblocks7 — deleted expired blocks
• All five tables: OPTIMIZE TABLE applied
• /home/arizonahatters/public_html/error_log — cleared (340 PHP memory exhaustion errors)

Infrastructure

• arizonahatters cPanel account: arizonahatters on IX (172.16.3.10)
• WP DB: arizonahatters_maindb
• WP path: /home/arizonahatters/public_html

---

Update: Late Evening — azcomputerguru.com Full SEO Audit & Fixes

Session Summary

Performed a comprehensive SEO audit and implemented all automatable fixes on azcomputerguru.com (WordPress 6.9.4, IX server 172.16.3.10, Cloudflare Pro zone 1beb9917c22b54be32e5215df2c227ce). Work divided into: server-side file edits, WordPress option/meta updates, and Cloudflare edge rule creation.

Audit findings (abridged): Homepage title was "Home – Arizona Computer Guru" (generic); no meta description; logo link pointed to dev.computerguru.me; 5 images in footer referenced dev.computerguru.me URLs with no alt text; LocalBusiness schema absent; footer widget titles used H2 inflating heading hierarchy; duplicate CSS enqueue block; 4 canonical URLs returning 404 or redirecting via Apache only (blocked by Cloudflare WAF before reaching Apache); media library images missing alt text on 10 attachments.

Server-side fixes (via SSH plink):

• header.php — Fixed logo href from dev.computerguru.me to https://azcomputerguru.com/, added alt text to logo img
• footer.php — Replaced all 5 dev.computerguru.me image paths with production URLs, added descriptive alt text to all social/footer icons
• functions.php — Removed duplicate CSS enqueue block (lines 255-263), changed footer sidebar widget titles from H2 to H3, added remove_action('wp_head','wp_generator'), appended full acg_localbusiness_schema() function with LocalBusiness+ProfessionalService JSON-LD
• .htaccess — Added Apache-level 301 redirects for /services/, /about/, /blog/, /website-services/ (backup: .htaccess.bak-seo-20260520)

WordPress DB updates (via WP-CLI):

• autodescription-site-settings option — homepage_title: "Arizona Computer Guru | Managed IT Services Tucson AZ", homepage_description set (159 chars), homepage_tagline disabled
• Page ID 297 (/tucson-seo/) — _genesis_description meta set
• Media alt text — _wp_attachment_image_alt set on 10 attachment IDs: 1162, 20, 23, 24, 37, 1167, 1163, 1166, 1164, 1165
• Post 17 content — added alt text to gurucube and divider inline images

Cloudflare edge redirects (Page Rules API): 4 Page Rules created to redirect at the Cloudflare edge (before WAF bot checks reach Apache):

• azcomputerguru.com/services* → https://azcomputerguru.com/business-it-services-tucson/ [301]
• azcomputerguru.com/about* → https://azcomputerguru.com/history-of-arizona-computer-guru/ [301]
• azcomputerguru.com/blog* → https://azcomputerguru.com/category/blog/ [301]
• azcomputerguru.com/website-services* → https://azcomputerguru.com/tucson/web-services-for-tucson-businesses/ [301]

All 4 verified live returning HTTP 301 with browser user agent.

Key Decisions

• Cloudflare Page Rules over Transform Rules — http_request_dynamic_redirect phase writes failed on all 3 stored tokens (none have Transform Rules Edit permission). Page Rules API worked with api_token_full_dns. Functionally equivalent for forwarding rules.
• LocalBusiness schema via functions.php hook — The SEO Framework (autodescription) v5.1.4 doesn't generate LocalBusiness schema. Added custom PHP at wp_head priority 5 to emit JSON-LD without a plugin.
• Footer H2 → H3 only for footer sidebar — Multiple sidebars registered in functions.php all used H2 for widget titles. Only changed the footer sidebar (last registration, id='footer'). Content-area sidebars left at H2 to avoid regressions on page sidebars.
• TSF stores homepage SEO in option, not post meta — _genesis_title / _genesis_description on post ID (homepage) are ignored by TSF v5+. Updated via update_option('autodescription-site-settings', ...).

Problems Encountered

• Cloudflare Transform Rules permission denied — Three tokens tried: api_token_full_account, api_token_full_dns, api_token_legacy. All failed on PUT .../phases/http_request_dynamic_redirect/entrypoint. Resolved by using Page Rules API instead.
• Bot Fight Mode blocking curl test — 301 redirects looked like 403s until a browser User-Agent was added to curl. Not an actual error — Cloudflare correctly redirects real browsers.
• TSF homepage SEO not stored as post meta — First attempted wp post meta update 2 _genesis_title ... per page SEO pattern. No effect on homepage title. Resolved by reading TSF source and updating the autodescription-site-settings option directly.
• Apostrophe in WP-CLI shell arg — Tucson's in description broke bash single-quote heredoc. Rewrote description without apostrophe.

Configuration Changes

*IX server — azcomputerguru WP theme files (backups: .bak-seo-20260520):

• /home/azcomputerguru/public_html/wp-content/themes/arizonacomputerguru/header.php — logo link + alt
• /home/azcomputerguru/public_html/wp-content/themes/arizonacomputerguru/footer.php — all image URLs + alt text
• /home/azcomputerguru/public_html/wp-content/themes/arizonacomputerguru/functions.php — dedup CSS, H3 widgets, schema function
• /home/azcomputerguru/public_html/.htaccess — 4 Apache 301 redirects

WordPress DB (azcomputerguru_maindb):

• wp_options.autodescription-site-settings — homepage title + description
• wp_postmeta — _genesis_description on page 297, _wp_attachment_image_alt on 10 attachments, alt text on post 17 inline images

Cloudflare (zone 1beb9917c22b54be32e5215df2c227ce):

• Page Rule 7060e99901a3e4a09b3fc9c2e5156d05 — /services* → /business-it-services-tucson/ [301]
• Page Rule 84ea14b8d3fe2983b75267337602924a — /about* → /history-of-arizona-computer-guru/ [301]
• Page Rule fb1a7c5189bf9c1c2a356c438f4eccdc — /blog* → /category/blog/ [301]
• Page Rule a9c1964c60bb2b53d65f3955c7427691 — /website-services* → /tucson/web-services-for-tucson-businesses/ [301]

Pending / Incomplete Tasks

• Slider Revolution duplicate H1 — Two H1 tags in homepage slider layers; one has concatenation bug "ServicesDesign" (no space). Must be fixed via WP Admin → Slider Revolution. Cannot be automated.
• Social icon hrefs — Footer social icons still use href="#" placeholder. Need actual ACG social profile URLs.
• Street address in LocalBusiness schema — Only city/state currently; full postal address improves Knowledge Panel accuracy.
• Generator tag suppression — Slider Revolution, Site Kit, performance-lab plugins still outputting <meta name="generator">. Would require per-plugin suppression hooks.
• Google Search Console — No GSC property confirmed; sitemap submission pending.

Infrastructure

• azcomputerguru.com WP path: /home/azcomputerguru/public_html
• Theme path: /home/azcomputerguru/public_html/wp-content/themes/arizonacomputerguru/
• SEO Plugin: The SEO Framework (autodescription) v5.1.4
• Cloudflare zone ID: 1beb9917c22b54be32e5215df2c227ce
• Cloudflare account ID: 44594c346617d918bd3302a00b07e122