If you are one of the many who install WordPress via Fantastico, chances are, you won’t even know the existence of the wp-config file in WordPress. The wp-config.php file is one of the most important files in WordPress. It holds the keys to your database and also many of the configuration options that you never know you can do with WordPress. Here are some tricks that you can get your WordPress to do by editing the wp-config file.
1. Database settings
define('DB_NAME', 'putyourdbnamehere'); define('DB_USER', 'usernamehere'); define('DB_PASSWORD', 'yourpasswordhere'); define('DB_HOST', 'localhost');
This is the first thing that you need to configure in order for WordPress to work. In most cases, you only need to change the database name, username and password. For the DB_HOST, ‘localhost’ should work most of the times. If not, ask your server administrator for details.
2. Changing the database charset value
You won’t have to change this value 99% of the time. Change this only if you are very sure that your database is using a different charset.
3. Changing the database character set sort order
Once again, change this only if you know what you are doing. If not, leaving it blank is the best option.
4. Authentication keys
define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here');
The authentication keys are used to insure better encryption of information stored in the user’s cookies. Go to https://api.wordpress.org/secret-key/1.1/ to generate a new set of keys and copy/paste them into your wp-config.php file.
If you are using WPMU, you will see three extra sets of authentication keys:
define('AUTH_SALT', 'put your unique phrase here'); define('LOGGED_IN_SALT', 'put your unique phrase here'); define('SECURE_AUTH_SALT', 'put your unique phrase here');
5. Table prefix
$table_prefix = 'wp_';
This $table_prefix settings allow you to change the default wp_ prefix before your WordPress installation.
Note: If your existing database is already using the default wp_ prefix, changing this value will not change the database value, and it will also cause your site to break. To change your existing table prefix, refer to this tutorial.
6. Language and Language Directory
define('WPLANG', 'de_DE'); define('LANGDIR', 'mylanguagedirectory');
If you are using a language translation file for your blog, this is where you define the language that you are using and the location of the translation (.mo) files.
Defining of LANGDIR is optional. If it is not specified, WordPress will first look up the wp-content/languages folder, follow by wp-includes/languages for the .mo file.
7. Defining the Home and site url
The SITEURL refers to the actual installation path of WordPress (the file path where the wordpress files are located) while the HOME refers to the URL that you want your visitor to access. There are several uses for this
- For security measure. Install your wordpress in subfolder and have your visitors access them from the root directory
- Migrating to new URl. When you are moving to a new URL, you can easily restore your database by pointing the WP_SITEURL and WP_HOME to the new URL. No editing of the database is required.
8. Revision count
define('WP_POST_REVISIONS', FALSE); define('WP_POST_REVISIONS', 3);
Change the number of post revisions for WordPress to record. Giving it a value of FALSE (without the quote) will turn post revisions off.
9. Modify AutoSave Interval
define('AUTOSAVE_INTERVAL', 160 );
When editing a post, WordPress uses Ajax to auto-save revisions to the post as you edit. You may want to increase this setting for longer delays in between auto-saves, or decrease the setting to make sure you never lose changes. The default is 60 seconds.
10. Define new wp-content location
define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] . '/blog/wp-content' ); define( 'WP_CONTENT_URL', 'http://example/blog/wp-content'); define( 'WP_PLUGIN_DIR', $_SERVER['DOCUMENT_ROOT'] . '/blog/wp-content/plugins' ); define( 'WP_PLUGIN_URL', 'http://example/blog/wp-content/plugins');
Since WP2.6, you are allowed to move the wp-content folder to other destination and still get it working. You just need to specify the filepath of the new location in the wp-config file.
11. Access external configuration files
For developer, if you need to access external configuration file from within WordPress, the place to define it will be within the wp-config.php. This is useful when integrating another software with WordPress. For example, to integrate bbpress with WordPress, add the following
to access to the bbpress functions in WordPress.
12. Managing your cookies
define('COOKIE_DOMAIN', '.yoursite.com'); define('COOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('home') . '/' ) ); define('SITECOOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('siteurl') . '/' ) ); define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'wp-admin' ); define( 'PLUGINS_COOKIE_PATH', preg_replace('|https?://[^/]+|i', '', WP_PLUGIN_URL) );
The cookie definition is meant for sites with unusual domain setup. If you are using sub-domains to serve static content, you won’t want WordPress to track the cookies for the static sites. Simply define the COOKIE_DOMAIN option to limit the domain tracked by the cookie.
The WP_DEBUG option is especially useful when you are developing a WP site. It allows you to see what went wrong in the code. In actual production site, this option should be turned off (FALSE) as it can affect the performance of the site.
This will allow you to edit the scriptname.dev.js files in the wp-includes/js and wp-admin/js directories.
14. Configure Error Log
@ini_set('log_errors','On'); @ini_set('display_errors','Off'); @ini_set('error_log','/home/example.com/logs/php_error.log');
This option allows you to turn on php error_logging and logs them to a specific file. This is especially useful for those who have no access to the php.ini file.
15. Increasing memory allocated to PHP
Specify the maximum amount of memory that can be consumed by PHP. This setting may be necessary in the event you receive a message such as “Allowed memory size of xxxxxx bytes exhausted”.
Activate the WP_CACHE for better site performance.
17. Custom User and Usermeta Tables
define('CUSTOM_USER_TABLE', $table_prefix.'my_users'); define('CUSTOM_USER_META_TABLE', $table_prefix.'my_usermeta');
Save the user data to other table instead of the default wp_users.
18. Save queries for analysis
The SAVEQUERIES option allows you to see all the queries made to the database. You can then analyze those queries and see the function that called it, and how long that query took to execute.
NOTE: This will have a performance impact on your site, so make sure to turn this off when you aren’t debugging.
To view the queries, place the following code in the footer of your theme:
The code above uses the level_10 capability so only the administrator will see the query results.
19. Override of default file permissions
define('FS_CHMOD_DIR', (0755 & ~ umask())); define('FS_CHMOD_FILE', (0644 & ~ umask()));
The above two options allow you to override the default file permissions. You won’t have to define this in most cases. However if your webhost uses restrictive permissions for all user files, then this is the way to go around it.
20. FTP/SSH Constants
define('FS_METHOD', 'ftpext'); define('FTP_BASE', '/path/to/wordpress/'); define('FTP_CONTENT_DIR', '/path/to/wordpress/wp-content/'); define('FTP_PLUGIN_DIR ', '/path/to/wordpress/wp-content/plugins/'); define('FTP_PUBKEY', '/home/username/.ssh/id_rsa.pub'); define('FTP_PRIKEY', '/home/username/.ssh/id_rsa'); define('FTP_USER', 'username'); define('FTP_PASS', 'password'); define('FTP_HOST', 'ftp.example.org:21');
WordPress allows you to upgrade the core version and plugins from within the backend. However, some of you might not be able to enjoy the benefits due to the FTP connection issue. Simply update your wp-config file with the necessary FTP credential and your WP upgrade function should work fine.
21. Control Proxy Access
define('WP_HTTP_BLOCK_EXTERNAL', false); define('WP_ACCESSIBLE_HOSTS', 'api.wordpress.org');
The above options allow you to access external hosts from your domain. This is useful if you are in a restrictive environment (such as your comapny’s intranet) and you need to access an external host.
Protecting wp-config file
With so many information in the wp-config.php file, the last thing that you want is for hacker to see your wp-config file and gain access to your database.
Add the following code to your .htaccess file to prevent hackers from accessing your wp-config file.
# protect wpconfig.php <files wp-config.php> order allow,deny deny from all </files>
Did I miss out any tricks? Leave it in the comments