Useful WordPress wp-config Tricks That You May Not Know

If you are one of the many who install WordPress via Fantastico, chances are, you won’t even know the existence of the wp-config file in WordPress. The wp-config.php file is one of the most important files in WordPress. It holds the keys to your database and also many of the configuration options that you never know you can do with WordPress. Here are some tricks that you can get your WordPress to do by editing the wp-config file.

1. Database settings

define('DB_NAME', 'putyourdbnamehere');
define('DB_USER', 'usernamehere');
define('DB_PASSWORD', 'yourpasswordhere');
define('DB_HOST', 'localhost');

This is the first thing that you need to configure in order for WordPress to work. In most cases, you only need to change the database name, username and password. For the DB_HOST, ‘localhost’ should work most of the times. If not, ask your server administrator for details.

2. Changing the database charset value

define('DB_CHARSET', 'utf8');

You won’t have to change this value 99% of the time. Change this only if you are very sure that your database is using a different charset.

3. Changing the database character set sort order

define('DB_COLLATE', '');

Once again, change this only if you know what you are doing. If not, leaving it blank is the best option.

4. Authentication keys

define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');

The authentication keys are used to insure better encryption of information stored in the user’s cookies. Go to https://api.wordpress.org/secret-key/1.1/ to generate a new set of keys and copy/paste them into your wp-config.php file.

If you are using WPMU, you will see three extra sets of authentication keys:

define('AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');

5. Table prefix

$table_prefix = 'wp_';

This $table_prefix settings allow you to change the default wp_ prefix before your WordPress installation.

Note: If your existing database is already using the default wp_ prefix, changing this value will not change the database value, and it will also cause your site to break. To change your existing table prefix, refer to this tutorial.

6. Language and Language Directory

define('WPLANG', 'de_DE');
define('LANGDIR', 'mylanguagedirectory');

If you are using a language translation file for your blog, this is where you define the language that you are using and the location of the translation (.mo) files.

Defining of LANGDIR is optional. If it is not specified, WordPress will first look up the wp-content/languages folder, follow by wp-includes/languages for the .mo file.

7. Defining the Home and site url

define('WP_SITEURL','http://your-site-url.com');
define('WP_HOME','http://your-site-url.com');

The SITEURL refers to the actual installation path of WordPress (the file path where the wordpress files are located) while the HOME refers to the URL that you want your visitor to access. There are several uses for this

  1. For security measure. Install your wordpress in subfolder and have your visitors access them from the root directory
  2. Migrating to new URl. When you are moving to a new URL, you can easily restore your database by pointing the WP_SITEURL and WP_HOME to the new URL. No editing of the database is required.

8. Revision count

define('WP_POST_REVISIONS', FALSE);
define('WP_POST_REVISIONS', 3);

Change the number of post revisions for WordPress to record. Giving it a value of FALSE (without the quote) will turn post revisions off.

9. Modify AutoSave Interval

define('AUTOSAVE_INTERVAL', 160 );

When editing a post, WordPress uses Ajax to auto-save revisions to the post as you edit. You may want to increase this setting for longer delays in between auto-saves, or decrease the setting to make sure you never lose changes. The default is 60 seconds.

10. Define new wp-content location

define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] . '/blog/wp-content' );
define( 'WP_CONTENT_URL', 'http://example/blog/wp-content');
define( 'WP_PLUGIN_DIR', $_SERVER['DOCUMENT_ROOT'] . '/blog/wp-content/plugins' );
define( 'WP_PLUGIN_URL', 'http://example/blog/wp-content/plugins');

Since WP2.6, you are allowed to move the wp-content folder to other destination and still get it working. You just need to specify the filepath of the new location in the wp-config file.

11. Access external configuration files

require_once(‘FilePathToConfigurationFiles’);

For developer, if you need to access external configuration file from within WordPress, the place to define it will be within the wp-config.php. This is useful when integrating another software with WordPress. For example, to integrate bbpress with WordPress, add the following

require_once(‘filepathtoforums/bb-load.php');

to access to the bbpress functions in WordPress.

12. Managing your cookies

define('COOKIE_DOMAIN', '.yoursite.com');
define('COOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('home') . '/' ) );
define('SITECOOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('siteurl') . '/' ) );
define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'wp-admin' );
define( 'PLUGINS_COOKIE_PATH', preg_replace('|https?://[^/]+|i', '', WP_PLUGIN_URL)  );

The cookie definition is meant for sites with unusual domain setup. If you are using sub-domains to serve static content, you won’t want WordPress to track the cookies for the static sites. Simply define the COOKIE_DOMAIN option to limit the domain tracked by the cookie.

13. Debug

define('WP_DEBUG', true);

The WP_DEBUG option is especially useful when you are developing a WP site. It allows you to see what went wrong in the code. In actual production site, this option should be turned off (FALSE) as it can affect the performance of the site.

Additionally, if you are planning on modifying some of WordPress’ built-in JavaScript, you can enable the following option:

define('SCRIPT_DEBUG', true);

This will allow you to edit the scriptname.dev.js files in the wp-includes/js and wp-admin/js directories.

14. Configure Error Log

@ini_set('log_errors','On');
@ini_set('display_errors','Off');
@ini_set('error_log','/home/example.com/logs/php_error.log');

This option allows you to turn on php error_logging and logs them to a specific file. This is especially useful for those who have no access to the php.ini file.

15. Increasing memory allocated to PHP

define('WP_MEMORY_LIMIT', '64M');

Specify the maximum amount of memory that can be consumed by PHP. This setting may be necessary in the event you receive a message such as “Allowed memory size of xxxxxx bytes exhausted”.

16. Cache

define('WP_CACHE', true);

Activate the WP_CACHE for better site performance.

17. Custom User and Usermeta Tables

define('CUSTOM_USER_TABLE', $table_prefix.'my_users');
define('CUSTOM_USER_META_TABLE', $table_prefix.'my_usermeta');

Save the user data to other table instead of the default wp_users.

18. Save queries for analysis

define('SAVEQUERIES', true);

The SAVEQUERIES option allows you to see all the queries made to the database. You can then analyze those queries and see the function that called it, and how long that query took to execute.

NOTE: This will have a performance impact on your site, so make sure to turn this off when you aren’t debugging.

To view the queries, place the following code in the footer of your theme:

<?php
if (current_user_can(‘level_10′)){
global $wpdb;
echo “<pre>”;
print_r($wpdb->queries);
echo “</pre>”;
}
?>

The code above uses the level_10 capability so only the administrator will see the query results.

19. Override of default file permissions

define('FS_CHMOD_DIR', (0755 & ~ umask()));
define('FS_CHMOD_FILE', (0644 & ~ umask()));

The above two options allow you to override the default file permissions. You won’t have to define this in most cases. However if your webhost uses restrictive permissions for all user files, then this is the way to go around it.

20. FTP/SSH Constants

define('FS_METHOD', 'ftpext');
define('FTP_BASE', '/path/to/wordpress/');
define('FTP_CONTENT_DIR', '/path/to/wordpress/wp-content/');
define('FTP_PLUGIN_DIR ', '/path/to/wordpress/wp-content/plugins/');
define('FTP_PUBKEY', '/home/username/.ssh/id_rsa.pub');
define('FTP_PRIKEY', '/home/username/.ssh/id_rsa');
define('FTP_USER', 'username');
define('FTP_PASS', 'password');
define('FTP_HOST', 'ftp.example.org:21');

WordPress allows you to upgrade the core version and plugins from within the backend. However, some of you might not be able to enjoy the benefits due to the FTP connection issue. Simply update your wp-config file with the necessary FTP credential and your WP upgrade function should work fine.

21. Control Proxy Access

define('WP_HTTP_BLOCK_EXTERNAL', false);
define('WP_ACCESSIBLE_HOSTS', 'api.wordpress.org');

The above options allow you to access external hosts from your domain. This is useful if you are in a restrictive environment (such as your comapny’s intranet) and you need to access an external host.

Protecting wp-config file

With so many information in the wp-config.php file, the last thing that you want is for hacker to see your wp-config file and gain access to your database.

Add the following code to your .htaccess file to prevent hackers from accessing your wp-config file.

# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>

Did I miss out any tricks? Leave it in the comments