Wp-config.php File in WordPress
The wp-config.php file is the major WordPress configuration file located at the site’s root folder. Database connection, secret keys storage to encrypt information, database prefix setup, debug mode enabling and the WordPress folder path specification are the main features of the file.
Standard functionality of the file is limited but you can add individual commands to enable additional features for the WordPress configuration. E.g., memory limit increase, posts and pages revision restriction and recycle bin automated cleanup.
In this article, you will learn about the wp-config standard features and what additional functions you can add up to it for handy WordPress configuration.
What is the wp-config.php File in WordPress
The wp-config.php is the file contained in the root of your WordPress file directory.
The WP-config.php in WordPress is the major site file that is used for:
- database connection settings
- site performance settings
- site security increase
The wp-config file doesn’t come in the new WordPress installation by default. Instead, there is an empty wp-config-sample.php template where there are empty fields for database connection, keys, database prefix and so on.
wp-config-sample.php
To fill out the file manually, fill in these lines:
<?php
// ** MySQL Data: You can get this information from your hosting provider ** //
/** WordPress data base name */
define(‘DB_NAME’, ‘database-name‘);
/** Username MySQL */
define(‘DB_USER’, ‘login-for-input-to-database‘);
/** Database Password MySQL */
define(‘DB_PASSWORD’, ‘password-database‘);
/** Server name MySQL */
define(‘DB_HOST’, ‘localhost’);
/** Database encoding for creating tables. */
define(‘DB_CHARSET’, ‘utf8mb4’);
/** The matching scheme. Do not change if you are not sure. */
define('DB_COLLATE', '');
The encoding is needed to use the WordPress in another language. Use UTF8 because this encoding supports all languages and has special characters such as á or ≥.
Comparison determines how rows are compared in the database, some mappings can be sensitive to the registry. Leave as is.
Keys and Salts
WordPress Security Keys is a collection of random characters that are used to encrypt information stored in browser cookies.
Salts are also a collection of random characters that are used for hashing passwords.
define('AUTH_KEY', '$YH+ bnq%E}`?_duv2]4`G%*ejm@@zl9tN]i~4;CO P#0gB%GfFK{h[0mv{a==yD');
define('SECURE_AUTH_KEY', ')c&!LZY.qbxA%Y8G{3=T:RTo6PKR*&=dl$rMrc?. *N~~5DBzLi|UT)C#2VyO$5=');
define('LOGGED_IN_KEY', 'FbI1/|VEjY(W04o5u&4aO0-0eDMv;8G>m-o1+YG*U%C+=[|k-9xe_s2V|r@?^B=O');
define('NONCE_KEY', 'W]UPj!=i]qytheeyiF*)-dTe6&10U(/>UqT#M%>W?s]V|QCH-gUgRgt|ey<|g71f');
define('AUTH_SALT', '(&#QoSZa$ vg}Zi?R2dJ{pfBd5g`OwkH_G&R$|*X<QnV1 (5>o@+fXR+sg?-X 4G');
define('SECURE_AUTH_SALT', 'TOA*xK=q!b,:Rab6}>#AVp58e~L#f6+?XV53O#]4Y9 ~*t;[Nq{<wacCrZh>|ks4');
define('LOGGED_IN_SALT', 'AhUx6wCx{c<oSe#/,sV{|6yX6QhG}mTM0U+Nb$Y}|};4hHmW|,bv-TFIV{F({j~>');
define('NONCE_SALT', '9#|YTF4OT-PX=a6S-aaF#qkG);Y)VA^vFgm+*ml{(b_E[=ASHs 70>h8(%*vz-#9');с
You can use the WordPress key generator to fill in these fields.
To increase security, you can change these keys 1-2 times a year.
Database Prefix
In the WordPress cPanel you can change the database prefix, the same can be done manually in wp-config.
<?php /** * Table prefix in the WordPress database. * ..... */ $table_prefix = 'wp_';
Replace wp_ with something unique. If you change the database prefix in this file, then you need to make a few more changes to the database.
The Debug Mode
The debug mode is off by default so leave it as that:
<?php
/**
* For Developers: WordPress Debugging Mode.
*
* Change this value to true to enable the display of notifications when developing.
* .....
*/
define('WP_DEBUG', false);
If you are working on a site, theme or plugin and are looking for a bug or got a white screen, enable debug mode, replacing false with true. Do not forget to turn off the mode after you finish the work – some information about the site will be displayed on the pages and this can be used by hackers or bots.
Additional Features
As with other php files, you can add your code to wp-config for easy WordPress configuration. Add carefully, because one mistake can stop the entire site.
At the beginning of each snippet there is a <?php tag, it can be removed, since it already exists in wp-config.php.