Professional Documents
Culture Documents
Wordpress Config File Updation
Wordpress Config File Updation
Editingwpconfig.phpWordPressCodex
Search WordPress.org
Readytogetstarted?
DownloadWordPress
Codex
Codextools:Login
Interestedinfunctions,hooks,classes,ormethods?CheckoutthenewWordPressCodeReference!
Editingwpconfig.php
Languages:EnglishDeutschFranaisHrvatskiItalianoPortugusdoBrasil()(Addyourlanguage)
OneofthemostimportantfilesinyourWordPressinstallationisthewpconfig.php
file.ThisfileislocatedintherootofyourWordPressfiledirectoryandcontainsyour
website'sbaseconfigurationdetails,suchasdatabaseconnectioninformation.
Contents
1ConfigureDatabaseSettings
1.1Defaultwpconfigsample.php
WhenyoufirstdownloadWordPress,thewpconfig.phpfileisntincluded.The
1.1.1SetDatabaseName
WordPresssetupprocesswillcreateawpconfig.phpfileforyoubasedonthe
1.1.2SetDatabaseUser
informationyouprovide.
1.1.3SetDatabasePassword
1.1.4SetDatabaseHost
Advanceduserscanmanuallycreateawpconfig.phpfilebylocatingthesamplefile
1.1.4.1PossibleDB_HOST
named"wpconfigsample.php"(locatedintherootinstalldirectory),editingitas
values
required,andthensavingitaswpconfig.php.
1.1.4.2MySQLAlternate
Port
1.1.4.3MySQLSocketsor
Pipes
1.2Databasecharacterset
1.3Databasecollation
1.4SecurityKeys
2AdvancedOptions
2.1table_prefix
2.2WordPressaddress(URL)
2.3Blogaddress(URL)
2.4Movingwpcontentfolder
2.5Movingpluginfolder
2.6Movingthemesfolder
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
1/23
2/11/2015
Editingwpconfig.phpWordPressCodex
2.7Movinguploadsfolder
2.8ModifyAutoSaveInterval
2.9PostRevisions
2.9.1DisablePostRevisions
2.9.2SpecifytheNumberof
PostRevisions
2.10SetCookieDomain
2.11EnableMultisite/Network
Ability
2.12RedirectNonexistentBlogs
2.13Debug
2.14DisableJavascript
Concatenation
2.15ConfigureErrorLogging
2.16Increasingmemoryallocated
toPHP
2.17Cache
2.18CustomUserandUsermeta
Tables
2.19LanguageandLanguage
Directory
2.19.1WordPressv4and
above
2.19.2WordPressv3.9.2and
below
2.20Savequeriesforanalysis
2.21Overrideofdefaultfile
permissions
2.22WordPressUpgrade
Constants
2.22.1EnablingSSHUpgrade
Access
2.23AlternativeCron
2.24DisableCronandCron
Timeout
2.25AdditionalDefinedConstants
2.26EmptyTrash
2.27AutomaticDatabase
Optimizing
2.28Donotupgradeglobaltables
2.29ViewAllDefinedConstants
2.30DisablethePluginand
ThemeEditor
2.31DisablePluginandTheme
UpdateandInstallation
2.32RequireSSLforAdminand
Logins
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
2/23
2/11/2015
Editingwpconfig.phpWordPressCodex
2.33BlockExternalURL
Requests
2.34DisableWordPressAuto
Updates
2.35DisableWordPressCore
Updates
3DoubleCheckBeforeSaving
4ExternalResources
5SeeAlso
NOTE:Thecontentsofthewpconfigsample.phpfileareinaveryspecificorder.Theordermatters.Ifyoualreadyhaveawp
config.phpfile,rearrangingthecontentsofthefilemaycreateerrorsonyourblog.
Tochangethewpconfig.phpfileforyourinstallation,youwillneedthisinformation:
DatabaseName
DatabaseNameusedbyWordPress
DatabaseUsername
UsernameusedtoaccessDatabase
DatabasePassword
PasswordusedbyUsernametoaccessDatabase
DatabaseHost
ThehostnameofyourDatabaseServer.Aportnumber,Unixsocketfilepathorpipemaybeneededaswell.
IfyourhostingproviderinstalledWordPressforyou,gettheinformationfromthem.Ifyoumanageyourownwebserverorhosting
account,youwillhavethisinformationasaresultofcreatingthedatabaseanduser.
ConfigureDatabaseSettings
Important:neveruseawordprocessorlikeMicrosoftWordforeditingWordPressfiles!
Locatethefilewpconfigsample.phpinthebasedirectoryofyourWordPressdirectoryandopeninatexteditor.
NOTE:SinceVersion2.6,wpconfig.phpcanbemovedtothedirectorydirectlyabovetheWordPressapplicationdirectory.
Defaultwpconfigsample.php
NOTE:Thisisanexampleofadefaultwpconfigsample.php.Thevalueshereareexamplestoshowyouwhattodo.Do
notchangethesedetailsherebyeditingthispage,changethemonyourwebserver.Ifyoumakechangesherebyusing
theeditbutton,theywillnotworkandyouwillbeshowingyourpassworddetailstotheworld.
//**MySQLsettingsYoucangetthisinfofromyourwebhost**//
/**ThenameofthedatabaseforWordPress*/
define('DB_NAME','database_name_here');
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
3/23
2/11/2015
Editingwpconfig.phpWordPressCodex
/**MySQLdatabaseusername*/
define('DB_USER','username_here');
/**MySQLdatabasepassword*/
define('DB_PASSWORD','password_here');
/**MySQLhostname*/
define('DB_HOST','localhost');
NOTE:Textinside/**/arecomments,forinformationpurposesonly.
SetDatabaseName
Replace'database_name_here',withthenameofyourdatabase,e.g.MyDatabaseName.
define('DB_NAME','MyDatabaseName');//ExampleMySQLdatabasename
SetDatabaseUser
Replace'username_here',withthenameofyourusernamee.g.MyUserName.
define('DB_USER','MyUserName');//ExampleMySQLusername
SetDatabasePassword
Replace'password_here',withtheyourpassword,e.g.MyPassWord.
define('DB_PASSWORD','MyPassWord');//ExampleMySQLpassword
SetDatabaseHost
Replace'localhost',withthenameofyourdatabasehost,e.g.MyDatabaseHost.AportnumberorUnixsocketfilepathmaybe
neededaswell.
define('DB_HOST','MyDatabaseHost');//ExampleMySQLDatabasehost
NOTE:ThereisagoodchanceyouwillNOThavetochangeit.Ifyouareunsure,tryinstallingwiththedefaultvalueof
'localhost'andseeifitworks.Iftheinstallfails,contactyourwebhostingprovider.
PossibleDB_HOSTvalues
Differenthostingcompaniesusedifferentnetworksettingsfortheirmysqldatabases.Ifyourhostingcompanyislistedbelowinthe
leftcolumn,thevalueontherightissimilartothecorrectvalueforDB_HOST.Contactyourtechsupportand/orsearchyourhosting
companiesonlineDocumentationtobesure.
HostingCompany
DB_HOSTValueGuess
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
4/23
2/11/2015
Editingwpconfig.phpWordPressCodex
1and1
db12345678
ANHosting
localhost
Aruba.it
localhostorrealIPprovidedwithactivationmail.
ASmallOrange
localhost
AT&T
xxxxxxxx.carrierzone.comfullservernamefoundinPHPMyAdmin.
BlueHost
localhost
DreamHost
mysql.example.com
GoDaddySharedand IntheDatabasesmenugotoMySQL.TotherightofthedatabasenameclickonActionsand
4GHHosting
GoDaddycPanel
Hosting
GoDaddyPlesk
Hosting
Details.Thehostnameisatthebottomofthewindow.
localhost
UsetheIPaddressshownintheDatabasesSectioninPlesk.Donotinclude:3306
HostGator
localhost
HostICan
localhost
ICDSoft
localhost:/tmp/mysql5.sock
InfomaniakNetwork
mysql.yourdomain
InMotionHosting
localhost
iPage
username.ipagemysql.com
IPower
username.ipowermysql.com
LaughingSquid
localhost
MediaTempleGrid
internaldb.s00000.gridserver.com(Replace"00000"withtheactualsitenumber)
MediaTempleDV
localhost
MegnaHost
localhost
NearlyFreeSpeech.Net username.db
NetworkSolutions
mysqlv5
one.com
example.com.mysql
pairNetworks
dbnnnx.pair.com
QTH.com
localhost
RackspaceCloud
SysFix.euPower
Hosting
localhostforunmanagedservers,variableforCloudSiteslikemysqlXY
AB.wcN.dfQ.stabletransit.comwhereX,Y,A,B,N,Qarevariables
datapower.sysfix.eu
Yahoo
mysql
HostswithcPanel
localhost
HostswithPlesk
localhost
Hostswith
DirectAdmin
Tophost.it
localhost
sql.yourdomainname.it
MySQLAlternatePort
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
5/23
2/11/2015
Editingwpconfig.phpWordPressCodex
Ifyourhostusesanalternateportnumberforyourdatabaseyou'llneedtochangetheDB_HOSTvalueinthewpconfig.phpfileto
reflectthealternateportprovidedbyyourhost.
Forlocalhost
define('DB_HOST','localhost:3307');
Other
define('DB_HOST','mysql.example.com:3307');
Replace3307withwhateverportnumberyourhostgivesyou.
MySQLSocketsorPipes
IfyourhostusesUnixsocketsorpipes,adjusttheDB_HOSTvalueinthewpconfig.phpfileaccordingly.
define('DB_HOST','localhost:/var/run/mysqld/mysqld.sock');
Replace/var/run/mysqld/mysqld.sockwiththesocketorpipeinformationprovidedbyyourhost.
Databasecharacterset
AsofWordPressVersion2.2,DB_CHARSETwasmadeavailabletoallowdesignationofthedatabasecharacterset(e.g.tis620for
TIS620Thai)tobeusedwhendefiningtheMySQLdatabasetables.
Thedefaultvalueofutf8(UnicodeUTF8)isalmostalwaysthebestoption.UTF8supportsanylanguage,soyoutypicallywantto
leaveDB_CHARSETatutf8andusetheDB_COLLATEvalueforyourlanguageinstead.
Thisexampleshowsutf8whichisconsideredtheWordPressdefaultvalue:
define('DB_CHARSET','utf8');
WARNING:Thoseperformingnewinstallations
ThereusuallyshouldbenoreasontochangethedefaultvalueofDB_CHARSET.Ifyourblogneedsadifferent
characterset,pleasereadCharacterSetsandCollationsMySQLSupportsforvalidDB_CHARSETvalues.
WARNING:Thoseperformingupgrades(especiallyblogsthatexistedbefore2.2)
IfDB_CHARSETandDB_COLLATEdonotexistinyourwpconfig.phpfile,DONOTaddeitherdefinitiontoyour
wpconfig.phpfileunlessyoureadandunderstandConvertingDatabaseCharacterSets.AddingDB_CHARSET
andDB_COLLATEtothewpconfig.phpfile,foranexistingblog,cancausemajorproblems.
Databasecollation
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
6/23
2/11/2015
Editingwpconfig.phpWordPressCodex
AsofWordPressVersion2.2,DB_COLLATEwasmadeavailabletoallowdesignationofthedatabasecollation(i.e.thesortorderof
thecharacterset).Inmostcases,thisvalueshouldbeleftblank(null)sothedatabasecollationwillbeautomaticallyassignedby
MySQLbasedonthedatabasecharactersetspecifiedbyDB_CHARSET.SetDB_COLLATEtooneoftheUTF8valuesdefinedin
UTF8charactersetsformostWesternEuropeanlanguages.
TheWordPressdefaultDB_COLLATEvalue:
define('DB_COLLATE','');
UTF8UnicodeGeneralcollation
define('DB_COLLATE','utf8_general_ci');
UTF8UnicodeTurkishcollation
define('DB_COLLATE','utf8_turkish_ci');
WARNING:Thoseperformingnewinstallations
ThereusuallyshouldbenoreasontochangethedefaultvalueofDB_COLLATE.Leavingthevalueblank(null)will
insurethecollationisautomaticallyassignedbyMySQLwhenthedatabasetablesarecreated.
WARNING:Thoseperformingupgrades(especiallyblogsthatexistedbefore2.2)
IfDB_COLLATEandDB_CHARSETdonotexistinyourwpconfig.phpfile,DONOTaddeitherdefinitiontoyour
wpconfig.phpfileunlessyoureadandunderstandConvertingDatabaseCharacterSets.Andyoumaybeinneed
ofaWordPressupgrade.
SecurityKeys
InVersion2.6,three(3)securitykeys,AUTH_KEY,SECURE_AUTH_KEY,andLOGGED_IN_KEY,wereaddedtoensurebetter
encryptionofinformationstoredintheuser'scookies.(ThesecollectivelyreplacedasinglekeyintroducedinVersion2.5.)InVersion
2.7afourthkey,NONCE_KEY,wasaddedtothisgroup.Wheneachkeywasadded,correspondingsaltswereadded:AUTH_SALT,
SECURE_AUTH_SALT,LOGGED_IN_SALT,andNONCE_SALT.
Youdon'thavetorememberthekeys,justmakethemlong,randomandcomplicatedorbetteryet,usetheonlinegenerator.You
canchangetheseatanypointintimetoinvalidateallexistingcookies.Thisdoesmeanthatalluserswillhavetologinagain.
Example(don'tusethese!):
define('AUTH_KEY','t`DK%X:>xy|eZ(BXb/f(Ur`8#~UzUQG^_Cs_GHs5U&Wb?pgn^p8(2@}IcnCa|');
define('SECURE_AUTH_KEY','D&ovlU#|CvJ##uNq}bel+^MFtT&.b9{UvR]g%ixsXhGlRJ7q!h}XWdEC[BOKXssj');
define('LOGGED_IN_KEY','MGKi8Br(&{H*~&0s;{k0<S(O:+f#WM+q|npJ+P;RDKT:~jrmgj#/,[hOBk!ry^');
define('NONCE_KEY','FIsAsXJKL5ZlQo)iDpt??eUbdc{_Cn<4!d~yqz))&BD?AwK%)+)F2aNwI|siOe');
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
7/23
2/11/2015
Editingwpconfig.phpWordPressCodex
define('AUTH_SALT','7T!^i!0,w)L#JK@pc2{8XE[DenYI^BVf{L:jvF,hf}zBf883td6D;Vcy8,S)&G');
define('SECURE_AUTH_SALT','I6`V|mDZq21J|ihbu^q0F}F_NUcy`l,=obGtq*p#Ybe4a31R,r=|n#=]@]c#');
define('LOGGED_IN_SALT','w<$4c$Hmd%/*]`Oom>(hdXW|0M=X={we6;Mpvtg+V.o<$|#_}qG(GaVDEsn,~*4i');
define('NONCE_SALT','a|#h{c5|P&xWs4IZ20c2&%4!c(/uG}W:mAvy<I44`jAbup]t=]V<`}.py(wTP%%');
Asecretkeymakesyoursitehardertohackandaccesshardertocrackbyaddingrandomelementstothepassword.
Insimpleterms,asecretkeyisapasswordwithelementsthatmakeithardertogenerateenoughoptionstobreakthroughyour
securitybarriers.Apasswordlike"password"or"test"issimpleandeasilybroken.Arandom,unpredictablepasswordsuchas
"88a7da62429ba6ad3cb3c76a09641fc"takesyearstocomeupwiththerightcombination.A'saltisusedtofurtherenhancethe
securityofthegeneratedresult.
Thefourkeysarerequiredfortheenhancedsecurity.Thefoursaltsarerecommended,butarenotrequired,becauseWordPresswill
generatesaltsforyouifnoneareprovided.Theyareincludedinwpconfig.phpbydefaultforinclusiveness.
Formoreinformationonthetechnicalbackgroundandbreakdownofsecretkeysandsecurepasswords,see:
RyanBorenSSLandCookiesinWordPress2.6
WordPressSupportForumHOWTO:SetupsecretkeysinWordPress2.6+
Wikipedia'sexplanationofPasswordCracking
LorelleVanFossenProtectYourBlogWithaSolidPassword
Yahoo'sSecurityPasswordTips
YahooVoicesTipsforChoosingaSecurePassword
AdvancedOptions
Thefollowingsectionsmaycontainadvanced/unsupportedinformation,sopleasemakesureyoupracticeregularbackupsand
knowhowtorestorethembeforeexperimentingonaproductioninstallation.
table_prefix
The$table_prefixisthevalueplacedinthefrontofyourdatabasetables.Changethevalueifyouwanttousesomethingother
thanwp_foryourdatabaseprefix.TypicallythisischangedifyouareinstallingmultipleWordPressblogsinthesamedatabase.
//Youcanhavemultipleinstallationsinonedatabaseifyougiveeachauniqueprefix.
$table_prefix='r235_';//Onlynumbers,letters,andunderscoresplease!
Asecondbloginstallationusingthesamedatabasecanbeachievedsimplybyusingadifferentprefixthanyourotherinstallations.
$table_prefix='y77_';//Onlynumbers,letters,andunderscoresplease!
WordPressaddress(URL)
WP_SITEURL,definedsinceWordPressVersion2.2,allowstheWordPressaddress(URL)tobedefined.Thevaluedefinedisthe
addresswhereyourWordPresscorefilesreside.Itshouldincludethehttp://parttoo.Donotputaslash"/"attheend.Settingthis
valueinwpconfig.phpoverridesthewp_optionstablevalueforsiteurlandoverridestheWordPressaddress(URL)fieldinthe
Administration>Settings>Generalpanelwhenlogginginusingwplogin.php.Itwill_not_updateyourHomeurl.Readmoreabout
thisindepthinthelinkprovidedintheNotefield:
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
8/23
2/11/2015
Editingwpconfig.phpWordPressCodex
NOTE:Itwon'tchangetheDatabasevaluethough,andtheurlwillreverttotheolddatabasevalueifthislineisremovedfromwp
config.UsetheRELOCATEconstanttochangethesiteurlvalueinthedatabase.
IfWordPressisinstalledintoadirectorycalled"wordpress"forthedomainexample.com,defineWP_SITEURLlikethis:
define('WP_SITEURL','http://example.com/wordpress');
DynamicallysetWP_SITEURLbasedon$_SERVER['HTTP_HOST']
define('WP_SITEURL','http://'.$_SERVER['HTTP_HOST'].'/path/to/wordpress');
NOTE:AsaferalternativeforsomeinstallationswouldbetousetheservergeneratedSERVER_NAMEinsteadofthephp/user
generatedHTTP_HOSTwhichiscreateddynamicallybyphpbasedonthevalueoftheHTTPHOSTHeaderintherequest,thus
possiblyallowingforfileinclusionvulnerabilities.SERVER_NAMEissetbytheserverconfigurationandisstatic.
DynamicallysetWP_SITEURLbasedon$_SERVER['SERVER_NAME']
define('WP_SITEURL','http://'.$_SERVER['SERVER_NAME'].'/path/to/wordpress');
Blogaddress(URL)
WP_HOMEisanotherwpconfig.phpoptionaddedinWordPressVersion2.2.SimilartoWP_SITEURL,WP_HOMEoverridesthe
wp_optionstablevalueforhomebutdoesnotchangeitpermanently.homeistheaddressyouwantpeopletotypeintheirbrowser
toreachyourWordPressblog.Itshouldincludethehttp://partandshouldnothaveaslash"/"attheend.
define('WP_HOME','http://example.com/wordpress');
IfyouareusingthetechniquedescribedinGivingWordPressItsOwnDirectorythenfollowtheexamplebelow.Remember,youwill
alsobeplacinganindex.phpinyourwebrootdirectoryifyouuseasettinglikethis.
define('WP_HOME','http://example.com');
DynamicallysetWP_HOMEbasedon$_SERVER['HTTP_HOST']
define('WP_HOME','http://'.$_SERVER['HTTP_HOST'].'/path/to/wordpress');
Movingwpcontentfolder
SinceVersion2.6,youcanmovethewpcontentdirectory,whichholdsyourthemes,plugins,anduploads,outsideofthe
WordPressapplicationdirectory.
SetWP_CONTENT_DIRtothefulllocalpathofthisdirectory(notrailingslash),e.g.
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
9/23
2/11/2015
Editingwpconfig.phpWordPressCodex
define('WP_CONTENT_DIR',dirname(__FILE__).'/blog/wpcontent');
SetWP_CONTENT_URLtothefullURIofthisdirectory(notrailingslash),e.g.
define('WP_CONTENT_URL','http://example/blog/wpcontent');
Movingpluginfolder
SetWP_PLUGIN_DIRtothefulllocalpathofthisdirectory(notrailingslash),e.g.
define('WP_PLUGIN_DIR',dirname(__FILE__).'/blog/wpcontent/plugins');
SetWP_PLUGIN_URLtothefullURIofthisdirectory(notrailingslash),e.g.
define('WP_PLUGIN_URL','http://example/blog/wpcontent/plugins');
IfyouhavecompabilityissueswithpluginsSetPLUGINDIRtothefulllocalpathofthisdirectory(notrailingslash),e.g.
define('PLUGINDIR',dirname(__FILE__).'/blog/wpcontent/plugins');
Movingthemesfolder
Unfortunately,youcannotdirectlymovethethemesfolderbecauseitspathishardcodedrelativelytothewpcontentfolderas:
$theme_root=WP_CONTENT_DIR.'/themes';
Youmayregisteradditionalthemedirectoriesusingregister_theme_directory.
Seehowtomovethewpcontentfolder.Formoredetailshowthethemesfolderisdetermined,seewpincludes/theme.php.
Movinguploadsfolder
SetUPLOADSto:
define('UPLOADS','blog/wpcontent/uploads');
Thispathcannotbeabsolute.ItisalwaysrelativetoABSPATH,thereforedoesnotrequirealeadingslash.
ModifyAutoSaveInterval
Wheneditingapost,WordPressusesAjaxtoautosaverevisionstothepostasyouedit.Youmaywanttoincreasethissettingfor
longerdelaysinbetweenautosaves,ordecreasethesettingtomakesureyouneverlosechanges.Thedefaultis60seconds.
define('AUTOSAVE_INTERVAL',160);//Seconds
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
10/23
2/11/2015
Editingwpconfig.phpWordPressCodex
PostRevisions
WordPress,bydefault,willsavecopiesofeacheditmadetoapostorpage,allowingthepossibilityofrevertingtoapreviousversion
ofthatpostorpage.Thesavingofrevisionscanbedisabled,oramaximumnumberofrevisionsperpostorpagecanbespecified.
DisablePostRevisions
Ifyoudonotsetthisvalue,WordPressdefaultsWP_POST_REVISIONStotrue(enablepostrevisions).Ifyouwanttodisablethe
awesomerevisionsfeature,usethissetting:
define('WP_POST_REVISIONS',false);
Note:Someuserscouldnotgetthistofunctionuntilmovingthecommandtothefirstlineundertheinitialblockcommentin
config.php.
SpecifytheNumberofPostRevisions
Ifyouwanttospecifyamaximumnumberofrevisions,changefalsetoaninteger/number(e.g.,3or5).
define('WP_POST_REVISIONS',3);
Note:Someuserscouldnotgetthistofunctionuntilmovingthecommandtothefirstlineundertheinitialblockcommentin
config.php.
SetCookieDomain
ThedomainsetinthecookiesforWordPresscanbespecifiedforthosewithunusualdomainsetups.Onereasonisifsubdomains
areusedtoservestaticcontent.TopreventWordPresscookiesfrombeingsentwitheachrequesttostaticcontentonyour
subdomainyoucansetthecookiedomaintoyournonstaticdomainonly.
define('COOKIE_DOMAIN','www.askapache.com');
EnableMultisite/NetworkAbility
WP_ALLOW_MULTISITEisafeatureintroducedinWordPressVersion3.0toenablemultisitefunctionalitypreviouslyachieved
throughWordPressMU.Ifthissettingisabsentfromwpconfig.phpitdefaultstofalse.
define('WP_ALLOW_MULTISITE',true);
RedirectNonexistentBlogs
NOBLOGREDIRECTcanbeusedtoredirectthebrowserifthevisitortriestoaccessanonexistentblog.
E.g.,http://nonexistent.example.comorhttp://example.com/nonexistent/.
define('NOBLOGREDIRECT','http://example.com');
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
11/23
2/11/2015
Editingwpconfig.phpWordPressCodex
Debug
TheWP_DEBUGoption,addedinWordPressVersion2.3.1,controlsthereportingofsomeerrorsandwarningsandenablesuseofthe
WP_DEBUG_DISPLAYandWP_DEBUG_LOGsettings.Thedefaultvalueisfalse.
NOTE:Thetrueandfalsevaluesintheexamplearenotsetinapostrophes(')becausetheyarebooleanvalues.
define('WP_DEBUG',true);
define('WP_DEBUG',false);
Additionally,ifyouareplanningonmodifyingsomeofWordPress'builtinJavaScriptorCascadingStyleSheets,youshouldaddthe
followingcodetoyourconfigfile:
define('SCRIPT_DEBUG',true);
Thentheuncompressedversionsofscriptsandstylesheetsinwpincludes/js,wpincludes/css,wpadmin/js,andwp
admin/csswillbeloadedinsteadofthe.min.cssand.min.jsversions.
InWordPressversionssince2.3.2,databaseerrorsareprintedonlyifWP_DEBUGissettotrue.Inearlierversions,databaseerrors
werealwaysprinted.(DatabaseerrorsarehandledbythewpdbclassandarenotaffectedbyPHP'serrorsettings.)
InWordPressversion2.5,settingWP_DEBUGtotruealsoraisestheerrorreportingleveltoE_ALLandactivateswarningswhen
deprecatedfunctionsorfilesareusedotherwise,WordPresssetstheerrorreportingleveltoE_ALL^E_NOTICE^E_USER_NOTICE.
DisableJavascriptConcatenation
Toresultinafasteradministrationarea,allJavascriptfilesareconcatenatedintooneURL.IfJavascriptisfailingtoworkinyour
administrationarea,youcantrydisablingthisfeature:
define('CONCATENATE_SCRIPTS',false);
ConfigureErrorLogging
Configuringerrorloggingcanbeabittricky.Firstofall,defaultPHPerrorloganddisplaysettingsaresetinthephp.inifile,which
youmayormaynothaveaccessto.Ifyoudo,theyshouldbesettothedesiredsettingsforlivePHPpagesservedtothepublic.It's
stronglyrecommendedthatnoerrormessagesaredisplayedtothepublicandinsteadroutedtoanerrorlog.Furthermore,errorlogs
shouldnotbelocatedinthepubliclyaccessibleportionofyourserver.Samplerecommendedphp.inierrorsettings:
error_reporting=4339
display_errors=Off
display_startup_errors=Off
log_errors=On
error_log=/home/example.com/logs/php_error.log
log_errors_max_len=1024
ignore_repeated_errors=On
ignore_repeated_source=Off
html_errors=Off
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
12/23
2/11/2015
Editingwpconfig.phpWordPressCodex
AboutErrorReporting4339
Thisisacustomvaluethatonlylogsissuesthataffectthefunctioningofyoursite,andignoresthingslikenoticesthatmaynot
evenbeerrors.SeePHPErrorConstantsforthemeaningofeachbinarypositionfor1000011110011,whichisthebinary
numberequalto4339.Thefarleft1meansreportanyE_RECOVERABLE_ERROR.Thenext0meansdonotreportE_STRICT,
(whichisthrownwhensloppybutfunctionalcodingisused)andsoon.Feelfreetodetermineyourowncustomerrorreporting
numbertouseinplaceof4339.
Obviously,youwillwantdifferentsettingsforyourdevelopmentenvironment.Ifyourstagingcopyisonthesameserver,oryoudon't
haveaccesstophp.ini,youwillneedtooverridethedefaultsettingsatruntime.It'samatterofpersonalpreferencewhetheryou
prefererrorstogotoalogfile,oryouprefertobenotifiedimmediatelyofanyerror,orperhapsboth.Here'sanexamplethatreports
allerrorsimmediatelythatyoucouldinsertintoyourwpconfig.phpfile:
@ini_set('log_errors','Off');
@ini_set('display_errors','On');
define('WP_DEBUG',true);
define('WP_DEBUG_LOG',false);
define('WP_DEBUG_DISPLAY',true);
Becausewpconfig.phpisloadedforeverypageviewnotloadedfromacachefile,itisanexcellentlocationtosetphp.inisettings
thatcontrolyourphpinstallation.Thisisusefulifyoudon'thaveaccesstoaphp.inifile,orifyoujustwanttochangesomesettings
onthefly.Oneexceptionis'error_reporting'.WhenWP_DEBUGisdefinedastrue,'error_reporting'willbesettoE_ALLbyWordPress
regardlessofanythingyoutrytosetinwpconfig.php.Ifyoureallyhaveaneedtoset'error_reporting'tosomethingelse,itmustbe
doneafterwpsettings.phpisloaded,suchasinapluginfile.
Ifyouturnonerrorlogging,remembertodeletethefileafterwards,asitwilloftenbeinapubliclyaccessiblelocation,whereanyone
couldgainaccesstoyourlog.
Hereisanexamplethatturnsphperror_loggingonandlogsthemtoaspecificfile.IfWP_DEBUGisdefinedtotrue,theerrorswillalso
besavedtothisfile.Justplacethisaboveanyrequire_onceorincludecommands.
@ini_set('log_errors','On');
@ini_set('display_errors','Off');
@ini_set('error_log','/home/example.com/logs/php_error.log');
/*That'sall,stopediting!Happyblogging.*/
Anotherexampleofloggingerrors,assuggestedbyMikeLittleonthewphackersemaillist:
/**
*Thiswilllogallerrorsnoticesandwarningstoafilecalleddebug.login
*wpcontent(ifApachedoesnothavewritepermission,youmayneedtocreate
*thefilefirstandsettheappropriatepermissions(i.e.use666))
*/
define('WP_DEBUG',true);
define('WP_DEBUG_LOG',true);
define('WP_DEBUG_DISPLAY',false);
@ini_set('display_errors',0);
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
13/23
2/11/2015
Editingwpconfig.phpWordPressCodex
ArefinedversionfromMikeLittleontheManchesterWordPressUserGroup:
/**
*Thiswilllogallerrorsnoticesandwarningstoafilecalleddebug.login
*wpcontentonlywhenWP_DEBUGistrue.ifApachedoesnothavewritepermission,
*youmayneedtocreatethefilefirstandsettheappropriatepermissions(i.e.use666).
*/
define('WP_DEBUG',true);//Orfalse
if(WP_DEBUG){
define('WP_DEBUG_LOG',true);
define('WP_DEBUG_DISPLAY',false);
@ini_set('display_errors',0);
}
ConfusingtheissueisthatWordPresshas3constantsthatlookliketheycoulddothesamething.Firstoff,rememberthatif
WP_DEBUGisfalse,itandtheothertwoWordPressDEBUGconstantsdonotdoanything.ThePHPdirectives,whatevertheyare,will
prevail.Exceptfor'error_reporting',WordPresswillsetthisto4983ifWP_DEBUGisdefinedasfalse.Second,evenifWP_DEBUGis
true,theotherconstantsonlydosomethingiftheytooaresettotrue.Iftheyaresettofalse,thePHPdirectivesremain
unchanged.Forexample,ifyourphp.inifilehasthedirectivedisplay_errors=On,butyouhavethestatementdefine(
'WP_DEBUG_DISPLAY',false);inyourwpconfig.phpfile,errorswillstillbedisplayedonscreeneventhoughyoutriedto
preventitbysettingWP_DEBUG_DISPLAYtofalsebecausethatisthePHPconfiguredbehavior.Thisiswhyit'sveryimportanttoset
thePHPdirectivestowhatyouneedincaseanyoftherelatedWPconstantsaresettofalse.Tobesafe,explicitlyset/defineboth
types.MoredetaileddescriptionsoftheWPconstantsisavailableatDebugginginWordPress.
Foryourpublic,productionWordPressinstallation,youmightconsiderplacingthefollowinginyourwpconfig.phpfile,eventhough
itmaybepartlyredundant:
@ini_set('log_errors','On');
@ini_set('display_errors','Off');
define('WP_DEBUG',false);
define('WP_DEBUG_LOG',false);
define('WP_DEBUG_DISPLAY',false);
Thedefaultdebuglogfileis/wpcontent/debug.log.Placingerrorlogsinpubliclyaccessiblelocationsisasecurityrisk.Ideally,
yourlogfilesshouldbeplacedaboveyousite'spublicrootdirectory.Ifyoucan'tdothis,attheveryleast,setthelogfile
permissionsto600andaddthisentrytothe.htaccessfileintherootdirectoryofyourWPinstallation:
<Filesdebug.log>
Orderallow,deny
Denyfromall
</Files>
ThispreventsanyonefromaccessingthefileviaHTTP.YoucanalwaysviewthelogfilebyretrievingitfromyourserverviaFTP.
IncreasingmemoryallocatedtoPHP
AlsoreleasedwithVersion2.5,theWP_MEMORY_LIMIToptionallowsyoutospecifythemaximumamountofmemorythatcanbe
consumedbyPHP.Thissettingmaybenecessaryintheeventyoureceiveamessagesuchas"Allowedmemorysizeofxxxxxx
bytesexhausted".
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
14/23
2/11/2015
Editingwpconfig.phpWordPressCodex
ThissettingincreasesPHPMemoryonlyforWordPress,nototherapplications.Bydefault,WordPresswillattempttoincrease
memoryallocatedtoPHPto40MB(codeisatbeginningofwpsettings.php),sothesettinginwpconfig.phpshouldreflectsomething
higherthan40MB.
WordPresswillautomaticallycheckifPHPhasbeenallocatedlessmemorythantheenteredvaluebeforeutilizingthisfunction.For
example,ifPHPhasbeenallocated64MB,thereisnoneedtosetthisvalueto64MasWordPresswillautomaticallyuseall64MBif
needbe.
Pleasenote,thissettingmaynotworkifyourhostdoesnotallowforincreasingthePHPmemorylimitinthatevent,contactyour
hosttoincreasethePHPmemorylimit.Also,notethatmanyhostssetthePHPlimitat8MB.
IncreasePHPMemoryto64MB
define('WP_MEMORY_LIMIT','64M');
IncreasePHPMemoryto96MB
define('WP_MEMORY_LIMIT','96M');
Whenintheadministrationarea,thememorycanbeincreasedordecreasedfromtheWP_MEMORY_LIMITbydefining
WP_MAX_MEMORY_LIMIT.
define('WP_MAX_MEMORY_LIMIT','256M');
Pleasenote,thishastobeputbeforewpsettings.phpinclusion.
Cache
TheWP_CACHEsetting,iftrue,includesthewpcontent/advancedcache.phpscript,whenexecutingwpsettings.php.
define('WP_CACHE',true);
CustomUserandUsermetaTables
CUSTOM_USER_TABLEandCUSTOM_USER_META_TABLEareusedtodesignatethattheuserandusermetatablesnormally
utilizedbyWordPressarenotused,insteadthesevalues/tablesareusedtostoreyouruserinformation.
define('CUSTOM_USER_TABLE',$table_prefix.'my_users');
define('CUSTOM_USER_META_TABLE',$table_prefix.'my_usermeta');
Pleasenotethatpermissionsintheuser_metatablesarestoredwiththetableprefixofthesite.Sointhe
CUSTOM_USER_META_TABLEonemusthaveentriesforeachsiteusingthattable.Attheveryleastfortheadministrator,toavoid
the"youdonothavepermissionserror"youshouldhave:
prefix1_capabilities=a:1:{s:13:"administrator"b:1}andprefix2_capabilities=a:1:{s:13:"administrator"b:1}etc
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
15/23
2/11/2015
Editingwpconfig.phpWordPressCodex
WhenusingCUSTOM_USER_TABLEduringinitialsetupitiseasiestto:Setupyourfirstinstanceofwordpress.Thedefine
statementsofthewpconfig.phponthefirstinstancepointingtowhereyoucurrentlystoreuserdatawp_userbydefault,andthen
copingthatworkingwpconfig.phptoyournextinstancewhichwillonlyrequireyoutochangethe$table_prefix=variableas
previouslystated.Atthispointtheinstallwillrunasexpectedhowever,donotuseanemailaddressthatisalreadyinusebyyour
originalinstall.Useadifferentemailaddress.Onceyouhavefinishedthesetupprocessloginwiththeautogeneratedadmin
accountandpassword.Thenpromoteyournormalaccounttotheadministratorlevel.Logoutofadmin.Loginasyourself.Deletethe
adminaccountandpromotetheotheruseraccountsasisneeded.
LanguageandLanguageDirectory
WordPress4.0allowsyoutochangethelanguageinyourwordpress'sadminarea.
WordPressv4andabove
Changethelanguageintheadminsettingsscreen.Settings>general>SiteLanguage.
WordPressv3.9.2andbelow
WPLANGdefinesthenameofthelanguagetranslation(.mo)file.WP_LANG_DIRdefineswhatdirectorytheWPLANG.mofile
resides.IfWP_LANG_DIRisnotdefinedWordPresslooksfirsttowpcontent/languagesandthenwpincludes/languagesforthe.mo
definedbyWPLANGfile.
define('WPLANG','de_DE');
define('WP_LANG_DIR',dirname(__FILE__).'wordpress/languages');
TofindouttheWPLANGlanguagecode,pleaserefertoWordPressinYourLanguage.Thecodeinparenthesesaftereachlanguage
headingiswhatyouneed.
Savequeriesforanalysis
TheSAVEQUERIESdefinitionsavesthedatabasequeriestoanarrayandthatarraycanbedisplayedtohelpanalyzethosequeries.
Theinformationsaveseachquery,whatfunctioncalledit,andhowlongthatquerytooktoexecute.
NOTE:Thiswillhaveaperformanceimpactonyoursite,somakesuretoturnthisoffwhenyouaren'tdebugging.
First,putthisinwpconfig.php:
define('SAVEQUERIES',true);
Theninthefooterofyourthemeputthis:
<?php
if(current_user_can('administrator')){
global$wpdb;
echo"<pre>";
print_r($wpdb>queries);
echo"</pre>";
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
16/23
2/11/2015
Editingwpconfig.phpWordPressCodex
}
?>
Overrideofdefaultfilepermissions
TheFS_CHMOD_DIRandFS_CHMOD_FILEdefinestatementsallowoverrideofdefaultfilepermissions.Thesetwovariableswere
developedinresponsetotheproblemofthecoreupdatefunctionfailingwithhosts(e.g.someItalianhosts)runningundersuexec.If
ahostusesrestrictivefilepermissions(e.g.400)foralluserfiles,andrefusestoaccessfileswhichhavegrouporworldpermissions
set,thesedefinitionscouldsolvetheproblem.Notethatthe'0755'isanoctalvalue.Octalvaluesmustbeprefixedwitha0andare
notdelineatedwithsinglequotes(').SeeAlso:ChangingFilePermissions
define('FS_CHMOD_DIR',(0755&~umask()));
define('FS_CHMOD_FILE',(0644&~umask()));
Exampletoprovidesetgid:
define('FS_CHMOD_DIR',(02755&~umask()));
WordPressUpgradeConstants
Youshoulddefineasfewofthebelowconstantsneededtocorrectyourupdateissues.
Themostcommoncausesofneedingtodefinetheseare:
Hostrunningwithaspecialinstallationsetupinvolvingsymlinks.Youmayneedtodefinethepathrelatedconstants(FTP_BASE,
FTP_CONTENT_DIR,andFTP_PLUGIN_DIR).Oftendefiningsimplythebasewillbeenough.
CertainPHPinstallationsshippedwithaPHPFTPextensionwhichisincompatiblewithcertainFTPservers.Undertheserare
situations,youmayneedtodefineFS_METHODto"ftpsockets".
ThefollowingarevalidconstantsforWordPressupdates:
FS_METHODforcesthefilesystemmethod.Itshouldonlybe"direct","ssh2","ftpext",or"ftpsockets".Generally,youshouldonly
changethisifyouareexperiencingupdateproblems.Ifyouchangeitanditdoesn'thelp,changeitback/removeit.Undermost
circumstances,settingitto'ftpsockets'willworkiftheautomaticallychosenmethoddoesnot.
(PrimaryPreference)"direct"forcesittouseDirectFileI/OrequestsfromwithinPHP,thisisfraughtwithopeningupsecurity
issuesonpoorlyconfiguredhosts,Thisischosenautomaticallywhenappropriate.
(SecondaryPreference)"ssh2"istoforcetheusageoftheSSHPHPExtensionifinstalled
(3rdPreference)"ftpext"istoforcetheusageoftheFTPPHPExtensionforFTPAccess,andfinally
(4thPreference)"ftpsockets"utilisesthePHPSocketsClassforFTPAccess.
FTP_BASEisthefullpathtothe"base"(ABSPATH)folderoftheWordPressinstallation.
FTP_CONTENT_DIRisthefullpathtothewpcontentfolderoftheWordPressinstallation.
FTP_PLUGIN_DIRisthefullpathtothepluginsfolderoftheWordPressinstallation.
FTP_PUBKEYisthefullpathtoyourSSHpublickey.
FTP_PRIKEYisthefullpathtoyourSSHprivatekey.
FTP_USERiseitheruserFTPorSSHusername.Mostlikelythesearethesame,butusetheappropriateoneforthetypeof
updateyouwishtodo.
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
17/23
2/11/2015
Editingwpconfig.phpWordPressCodex
FTP_PASSisthepasswordfortheusernameenteredforFTP_USER.IfyouareusingSSHpublickeyauthenticationthiscanbe
omitted.
FTP_HOSTisthehostname:portcombinationforyourSSH/FTPserver.ThedefaultFTPportis21andthedefaultSSHportis22.
Thesedonotneedtobementioned.
FTP_SSLTRUEforSSLconnectionifsupportedbytheunderlyingtransport(notavailableonallservers).Thisisfor"Secure
FTP"notforSSHSFTP.
define('FS_METHOD','ftpext');
define('FTP_BASE','/path/to/wordpress/');
define('FTP_CONTENT_DIR','/path/to/wordpress/wpcontent/');
define('FTP_PLUGIN_DIR','/path/to/wordpress/wpcontent/plugins/');
define('FTP_PUBKEY','/home/username/.ssh/id_rsa.pub');
define('FTP_PRIKEY','/home/username/.ssh/id_rsa');
define('FTP_USER','username');
define('FTP_PASS','password');
define('FTP_HOST','ftp.example.org');
define('FTP_SSL',false);
SomeconfigurationsshouldsetFTP_HOSTtolocalhosttoavoid503problemswhentryingtoupdatepluginsorWPitself.
EnablingSSHUpgradeAccess
TherearetwowaystoupgradeusingSSH2.
ThefirstistousetheSSHSFTPUpdaterSupportplugin.ThesecondistousethebuiltinSSH2upgrader,whichrequiresthepecl
SSH2extensionbeinstalled.
ToinstallthepeclSSH2extensionyouwillneedtoissueacommandsimilartothefollowingortalktoyourwebhostingproviderto
getthisinstalled:
peclinstallssh2
Afterinstallingthepeclssh2extensionyouwillneedtomodifyyourphpconfigurationtoautomaticallyloadthisextension.
peclisprovidedbythepearpackageinmostlinuxdistributions.ToinstallpeclinRedhat/Fedora/CentOS:
yumyinstallphppear
ToinstallpeclinDebian/Ubuntu:
aptgetinstallphppear
Itisrecommendedtouseaprivatekeythatisnotpassphraseprotected.Therehavebeennumerousreportsthatpassphrase
protectedprivatekeysdonotworkproperly.Ifyoudecidetotryapassphraseprotectedprivatekeyyouwillneedtoenterthepass
phrasefortheprivatekeyasFTP_PASS,orenteringitinthe"Password"fieldinthepresentedcredentialfieldwheninstalling
updates.
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
18/23
2/11/2015
Editingwpconfig.phpWordPressCodex
AlternativeCron
Usethis,forexample,ifscheduledpostsarenotgettingpublished.AccordingtoOtto'sforumexplanation,"thisalternatemethod
usesaredirectionapproach,whichmakestheusersbrowsergetaredirectwhenthecronneedstorun,sothattheycomebackto
thesiteimmediatelywhilecroncontinuestorunintheconnectiontheyjustdropped.Thismethodisabitiffysometimes,whichis
whyit'snotthedefault."
define('ALTERNATE_WP_CRON',true);
DisableCronandCronTimeout
DisablethecronentirelybysettingDISABLE_WP_CRONtotrue.
define('DISABLE_WP_CRON',true);
MakesureacronprocesscannotrunmorethanonceeveryWP_CRON_LOCK_TIMEOUTseconds.
define('WP_CRON_LOCK_TIMEOUT',60);
AdditionalDefinedConstants
Hereareadditionalconstantsthatcanbedefined,butprobablyshouldn'tbe.TheCookiedefinitionsareparticularlyusefulifyouhave
anunusualdomainsetup.
define('COOKIEPATH',preg_replace('|https?://[^/]+|i','',get_option('home').'/'));
define('SITECOOKIEPATH',preg_replace('|https?://[^/]+|i','',get_option('siteurl').'/'));
define('ADMIN_COOKIE_PATH',SITECOOKIEPATH.'wpadmin');
define('PLUGINS_COOKIE_PATH',preg_replace('|https?://[^/]+|i','',WP_PLUGIN_URL));
define('TEMPLATEPATH',get_template_directory());
define('STYLESHEETPATH',get_stylesheet_directory());
EmptyTrash
AddedwithVersion2.9,thisconstantcontrolsthenumberofdaysbeforeWordPresspermanentlydeletesposts,pages,
attachments,andcomments,fromthetrashbin.Thedefaultis30days:
define('EMPTY_TRASH_DAYS',30);//30days
Todisabletrashsetthenumberofdaystozero.NotethatWordPresswillnotaskforconfirmationwhensomeoneclickson"Delete
Permanently".
define('EMPTY_TRASH_DAYS',0);//Zerodays
AutomaticDatabaseOptimizing
AddedwithVersion2.9,thereisautomaticdatabaseoptimizationsupport,whichyoucanenablebyaddingthefollowingdefineto
yourwpconfig.phpfileonlywhenthefeatureisrequired
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
19/23
2/11/2015
Editingwpconfig.phpWordPressCodex
define('WP_ALLOW_REPAIR',true);
Thescriptcanbefoundat{$your_site}/wpadmin/maint/repair.php
PleaseNote:Thatthisdefineenablesthefunctionality,Theuserdoesnotneedtobeloggedintoaccessthisfunctionality
whenthisdefineisset.Thisisbecauseitsmainintentistorepairacorrupteddatabase,Userscanoftennotloginwhenthe
databaseiscorrupt.
Donotupgradeglobaltables
ADO_NOT_UPGRADE_GLOBAL_TABLESdefinepreventsdbDelta()andtheupgradefunctionsfromdoingexpensivequeries
againstglobaltables.
Sitesthathavelargeglobaltables(particularlyusersandusermeta),aswellassitesthatshareusertableswithbbPressandother
WordPressinstalls,canpreventtheupgradefromchangingthosetablesduringupgradebydefining
DO_NOT_UPGRADE_GLOBAL_TABLES.SinceanALTER,oranunboundedDELETEorUPDATE,cantakealongtimeto
complete,largesitesusuallywanttoavoidthesebeingrunaspartoftheupgradesotheycanhandleitthemselves.Further,if
installationsaresharingusertablesbetweenmultiplebbPressandWordPressinstallsitmaybenecessarytowantonesitetobethe
upgrademaster.
define('DO_NOT_UPGRADE_GLOBAL_TABLES',true);
ViewAllDefinedConstants
Phphasafunctionthatreturnsanarrayofallthecurrentlydefinedconstantswiththeirvalues.
print_r(@get_defined_constants());
DisablethePluginandThemeEditor
Occasionallyyoumaywishtodisablethepluginorthemeeditortopreventoverzealoususersfrombeingabletoeditsensitivefiles
andpotentiallycrashthesite.Disablingthesealsoprovidesanadditionallayerofsecurityifahackergainsaccesstoawell
privilegeduseraccount.
define('DISALLOW_FILE_EDIT',true);
Pleasenote:thefunctionalityofsomepluginsmaybeaffectedbytheuseofcurrent_user_can('edit_plugins')intheircode.
Pluginauthorsshouldavoidcheckingforthiscapability,oratleastcheckifthisconstantissetanddisplayanappropriateerror
message.Beawarethatifapluginisnotworkingthismaybethecause.
DisablePluginandThemeUpdateandInstallation
Thiswillblockusersbeingabletousethepluginandthemeinstallation/updatefunctionalityfromtheWordPressadminarea.Setting
thisconstantalsodisablesthePluginandThemeeditor(i.e.youdon'tneedtosetDISALLOW_FILE_MODSand
DISALLOW_FILE_EDIT,asonitsownDISALLOW_FILE_MODSwillhavethesameeffect).
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
20/23
2/11/2015
Editingwpconfig.phpWordPressCodex
define('DISALLOW_FILE_MODS',true);
RequireSSLforAdminandLogins
FORCE_SSL_LOGINisforwhenyouwanttosecureloginssothatpasswordsarenotsentintheclear,butyoustillwanttoallow
nonSSLadminsessions(sinceSSLcanbeslow).
define('FORCE_SSL_LOGIN',true);
FORCE_SSL_ADMINisforwhenyouwanttosecureloginsandtheadminareasothatbothpasswordsandcookiesareneversent
intheclear.Thisisthemostsecureoption.Administration_Over_SSL
define('FORCE_SSL_ADMIN',true);
BlockExternalURLRequests
BlockexternalURLrequestsbydefiningWP_HTTP_BLOCK_EXTERNALastrueandthiswillonlyallowlocalhostandyourblogto
makerequests.TheconstantWP_ACCESSIBLE_HOSTSwillallowadditionalhoststogothroughforrequests.Theformatofthe
WP_ACCESSIBLE_HOSTSconstantisacommaseparatedlistofhostnamestoallow,wildcarddomainsaresupported,eg
*.wordpress.orgwillallowforallsubdomainsofwordpress.orgtobecontacted.
define('WP_HTTP_BLOCK_EXTERNAL',true);
define('WP_ACCESSIBLE_HOSTS','api.wordpress.org,*.github.com');
DisableWordPressAutoUpdates
#Disableallautomaticupdates:
define('AUTOMATIC_UPDATER_DISABLED',true);
DisableWordPressCoreUpdates
TheeasiestwaytomanipulatecoreupdatesiswiththeWP_AUTO_UPDATE_COREconstant:
#Disableallcoreupdates:
define('WP_AUTO_UPDATE_CORE',false);
#Enableallcoreupdates,includingminorandmajor:
define('WP_AUTO_UPDATE_CORE',true);
#Enablecoreupdatesforminorreleases(default):
define('WP_AUTO_UPDATE_CORE','minor');
Reference:DisablingAutoUpdatesinWordPress3.7
DoubleCheckBeforeSaving
Besuretocheckforleadingand/ortrailingspacesaroundanyoftheabovevaluesyouentered,andDON'Tdeletethesingle
quotes!
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
21/23
2/11/2015
Editingwpconfig.phpWordPressCodex
Beforeyousavethefile,besuretodoublecheckthatyouhavenotaccidentallydeletedanyofthesinglequotesaroundthe
parametervalues.BesurethereisnothingaftertheclosingPHPtaginthefile.Thelastthinginthefileshouldbe?>andnothing
else.Nospaces.
Tosavethefile,chooseFile>SaveAs>wpconfig.phpandsavethefileintherootofyourWordPressinstall.Uploadthefileto
yourwebserverandyou'rereadytoinstallWordPress!
ExternalResources
WordPress'wpconfig.php'fileGenerator
wpcoreconfigCLIcommand
Advancedwpconfig.phpTweaks
SeeAlso
WordPressBackups
InstallingMultipleBlogsrequiresspecialwpconfig.php
TroubleshootingInstallations
SecuringyourInstallation
Categories:
GettingStarted
AdvancedTopics
Installation
UILink
Errorhandling
HomePage
WordPressLessons
GettingStarted
Workingwith
WordPress
DesignandLayout
AdvancedTopics
Troubleshooting
DeveloperDocs
AboutWordPress
CodexResources
Communityportal
Currentevents
Recentchanges
Randompage
Help
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
22/23
2/11/2015
Editingwpconfig.phpWordPressCodex
About
Support
Showcase
WordCamp
Blog
Developers
Plugins
WordPress.TV
Hosting
GetInvolved
Themes
BuddyPress
Jobs
Learn
Ideas
bbPress
WordPress.com
Follow@WordPress
Matt
Like
923k
Privacy
License/GPLv2
http://codex.wordpress.org/Editing_wpconfig.php#Increasing_memory_allocated_to_PHP
23/23