Wordpress

How to Configure WordPress, Meet WP-Config the Heart of WordPress.

Configure WordPress, One of the most important files of a WordPress installation is the configuration file. It resides in the root directory and contains constant definitions and PHP instructions that make WordPress work the way you want.

As the name suggests, it is a configuration file that is part of WordPress. So what’s the purpose of these files. what information is stored inside this file.

Unlike other files, the wp-config.php file does not come built-in with WordPress rather it’s generated specifically for your site during the installation process.

WordPress stores your database information in the wp-config.php file. Without this information, your WordPress website will not work, and you will get the ‘error establishing database connection error.

Apart from database information, the wp-config.php file also contains several other high-level settings.

Since this file contains a lot of sensitive information, it is recommended that you don’t mess with this file unless you have absolutely no other choice.

When you first install WordPress, you’re asked to input required information like database details and table prefixes. Sometimes your host will set up WordPress for you, and you won’t be required to manually run the set-up. But when you’re manually running the 5-minute install, you will be asked to input some of the most relevant data stored into wp-config.

Basic wp-config.php

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');
/** MySQL database username */
define('DB_USER', 'username_here');
/** MySQL database password */
define('DB_PASSWORD', 'password_here');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
define('AUTH_KEY',      'put your unique phrase here');
define('SECURE_AUTH_KEY',   'put your unique phrase here');
define('LOGGED_IN_KEY',     'put your unique phrase here');
define('NONCE_KEY',     'put your unique phrase here');
define('AUTH_SALT',     'put your unique phrase here');
define('SECURE_AUTH_SALT',  'put your unique phrase here');
define('LOGGED_IN_SALT',    'put your unique phrase here');
define('NONCE_SALT',        'put your unique phrase here');
$table_prefix  = 'wp_';

Usually, this file is automatically generated when you run the set-up, but occasionally WordPress does not have privileges to write in the installation folder. In this situation, you should create an empty wp-config.php file, copy and paste content from wp-config-sample.php, and set the proper values to all defined constants. When you’re done, upload your file into the root folder and run WordPress.

DB_NAME
DB_USER
DB_PASSWORD
DB_HOST
DB_CHARSET
DB_COLLATE

File System

The WordPress file system is well known by users and hackers. For this reason, you may consider changing the built-in file structure by moving specific folders in arbitrary locations and setting the corresponding URLs and paths in the wp-config file.

define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/site/wp-content' );
define( 'WP_CONTENT_URL', 'http://example.com/site/wp-content' );
define( 'WP_PLUGIN_DIR', dirname(__FILE__) . '/wp-content/mydir/plugins' );
define( 'WP_PLUGIN_URL', 'http://example.com/wp-content/mydir/plugins' );
define( 'UPLOADS', 'wp-content/mydir/uploads' );

Features for Developers

If you are a developer you can force WordPress to show errors and warnings that will help you in theme and plugin debugging.

define( ‘WP_DEBUG’, true );
define( ‘WP_DEBUG’, true );
define( ‘WP_DEBUG_LOG’, true );
define( ‘WP_DEBUG_DISPLAY’, false );
@ini_set( ‘display_errors’, 0 );
define( ‘SCRIPT_DEBUG’, true );

if ( current_user_can( 'administrator' ) ) {
        global $wpdb;
        echo '<pre>';
        print_r( $wpdb->queries );
        echo '</pre>';
}

Content Settings

When your website grows up, you may want to reduce the number of post revisions. By default, WordPress automatically saves revisions every 60 seconds.

define( ‘AUTOSAVE_INTERVAL’, 160 );

If you’d want to disable post revisions, define the following constant:

define( ‘WP_POST_REVISIONS’, false );

If you’d want to limit the maximum number of revisions, instead, add the following line:

define( ‘WP_POST_REVISIONS’, 10 );

WordPress stores trashed posts, pages, attachments, and comments for 30 days, then deletes them permanently. We can change this value with the following constant:

define( ‘EMPTY_TRASH_DAYS’, 10 );

Allowed Memory Size

Occasionally you may receive a message like the following:

Fatal error: The allowed memory size of xxx bytes exhausted

That being said, you can set a custom value with the following line:

define( ‘WP_MEMORY_LIMIT’, ‘128M’ );
If needed, you can set a maximum memory limit, as well, with the following statement:

define( ‘WP_MAX_MEMORY_LIMIT’, ‘256M’ );

Automatic Updates

You can disable all automatic updates by defining the following constant:

define( ‘AUTOMATIC_UPDATER_DISABLED’, true );

Disables all core updates:

define( ‘WP_AUTO_UPDATE_CORE’, false );

Enables all core updates, including minor and major:

define( ‘WP_AUTO_UPDATE_CORE’, true );
Default value is minor:

define( ‘WP_AUTO_UPDATE_CORE’, ‘minor’ );

Security Settings

use wp-config file to increase site security. In addition to changes to the file structure we’ve looked at above, we can lock down some features that could open unnecessary vulnerabilities.

define( ‘DISALLOW_FILE_EDIT’, true );
A security feature is Administration over SSL.you can force WordPress to transfer data over SSL at any login and admin session.

define( ‘FORCE_SSL_ADMIN’, true );
Other two constants allow to block external requests and list admitted hosts.

define( ‘WP_HTTP_BLOCK_EXTERNAL’, true );
define( ‘WP_ACCESSIBLE_HOSTS’, ‘example.com,*.anotherexample.com’ );