Useful WordPress wp-config Tricks That You May Not Know

If you are one of the many who install WordPress via Fantastico, chances are, you won’t even know the existence of the wp-config file in WordPress. The wp-config.php file is one of the most important files in WordPress. It holds the keys to your database and also many of the configuration options that you never know you can do with WordPress. Here are some tricks that you can get your WordPress to do by editing the wp-config file.

1. Database settings

This is the first thing that you need to configure in order for WordPress to work. In most cases, you only need to change the database name, username and password. For the DB_HOST, ‘localhost’ should work most of the times. If not, ask your server administrator for details.

2. Changing the database charset value

You won’t have to change this value 99% of the time. Change this only if you are very sure that your database is using a different charset.

3. Changing the database character set sort order

Once again, change this only if you know what you are doing. If not, leaving it blank is the best option.

4. Authentication keys

The authentication keys are used to insure better encryption of information stored in the user’s cookies. Go to to generate a new set of keys and copy/paste them into your wp-config.php file.

If you are using WPMU, you will see three extra sets of authentication keys:

5. Table prefix

This $table_prefix settings allow you to change the default wp_ prefix before your WordPress installation.

Note: If your existing database is already using the default wp_ prefix, changing this value will not change the database value, and it will also cause your site to break. To change your existing table prefix, refer to this tutorial.

6. Language and Language Directory

If you are using a language translation file for your blog, this is where you define the language that you are using and the location of the translation (.mo) files.

Defining of LANGDIR is optional. If it is not specified, WordPress will first look up the wp-content/languages folder, follow by wp-includes/languages for the .mo file.

7. Defining the Home and site url

The SITEURL refers to the actual installation path of WordPress (the file path where the wordpress files are located) while the HOME refers to the URL that you want your visitor to access. There are several uses for this

  1. For security measure. Install your wordpress in subfolder and have your visitors access them from the root directory
  2. Migrating to new URl. When you are moving to a new URL, you can easily restore your database by pointing the WP_SITEURL and WP_HOME to the new URL. No editing of the database is required.

8. Revision count

Change the number of post revisions for WordPress to record. Giving it a value of FALSE (without the quote) will turn post revisions off.

9. Modify AutoSave Interval

When editing a post, WordPress uses Ajax to auto-save revisions to the post as you edit. You may want to increase this setting for longer delays in between auto-saves, or decrease the setting to make sure you never lose changes. The default is 60 seconds.

10. Define new wp-content location

Since WP2.6, you are allowed to move the wp-content folder to other destination and still get it working. You just need to specify the filepath of the new location in the wp-config file.

11. Access external configuration files

For developer, if you need to access external configuration file from within WordPress, the place to define it will be within the wp-config.php. This is useful when integrating another software with WordPress. For example, to integrate bbpress with WordPress, add the following

to access to the bbpress functions in WordPress.

12. Managing your cookies

The cookie definition is meant for sites with unusual domain setup. If you are using sub-domains to serve static content, you won’t want WordPress to track the cookies for the static sites. Simply define the COOKIE_DOMAIN option to limit the domain tracked by the cookie.

13. Debug

The WP_DEBUG option is especially useful when you are developing a WP site. It allows you to see what went wrong in the code. In actual production site, this option should be turned off (FALSE) as it can affect the performance of the site.

Additionally, if you are planning on modifying some of WordPress’ built-in JavaScript, you can enable the following option:

This will allow you to edit the files in the wp-includes/js and wp-admin/js directories.

14. Configure Error Log

This option allows you to turn on php error_logging and logs them to a specific file. This is especially useful for those who have no access to the php.ini file.

15. Increasing memory allocated to PHP

Specify the maximum amount of memory that can be consumed by PHP. This setting may be necessary in the event you receive a message such as “Allowed memory size of xxxxxx bytes exhausted”.

16. Cache

Activate the WP_CACHE for better site performance.

17. Custom User and Usermeta Tables

Save the user data to other table instead of the default wp_users.

18. Save queries for analysis

The SAVEQUERIES option allows you to see all the queries made to the database. You can then analyze those queries and see the function that called it, and how long that query took to execute.

NOTE: This will have a performance impact on your site, so make sure to turn this off when you aren’t debugging.

To view the queries, place the following code in the footer of your theme:

if (current_user_can(‘level_10’)){
global $wpdb;
echo “<pre>”;
echo “</pre>”;

The code above uses the level_10 capability so only the administrator will see the query results.

19. Override of default file permissions

The above two options allow you to override the default file permissions. You won’t have to define this in most cases. However if your webhost uses restrictive permissions for all user files, then this is the way to go around it.

20. FTP/SSH Constants

WordPress allows you to upgrade the core version and plugins from within the backend. However, some of you might not be able to enjoy the benefits due to the FTP connection issue. Simply update your wp-config file with the necessary FTP credential and your WP upgrade function should work fine.

21. Control Proxy Access

The above options allow you to access external hosts from your domain. This is useful if you are in a restrictive environment (such as your comapny’s intranet) and you need to access an external host.

Protecting wp-config file

With so many information in the wp-config.php file, the last thing that you want is for hacker to see your wp-config file and gain access to your database.

Add the following code to your .htaccess file to prevent hackers from accessing your wp-config file.

Did I miss out any tricks? Leave it in the comments

Damien Damien

Damien Oh started writing tech articles since 2007 and has over 10 years of experience in the tech industry. He is proficient in Windows, Linux, Mac, Android and iOS, and worked as a part time WordPress Developer. He is currently the owner and Editor-in-Chief of Make Tech Easier.


  1. This is great! I have one question.

    Can you edit this file to store user cookies for their next “log-in” I am developing a theme that uses, user interface in that it allows for homepage customization. I would like to store the “cookies” in the users sql so that upon next log in their page will be as it was when they were last logged in.

    Any ideas?



  2. As far as I know, the wp-config file is meant for all the backend stuff. I don’t think you can use it to store cookie on the user’s computer. You can do that though within the theme itself, on the header.php, beside the start of the html code.

Comments are closed.