Learn Everything About wp-config

Learn Everything About wp-config.php File WordPress

In WordPress wp-config.php file and this is most important file in WordPress which is a configuration file which connects to the database and always almost see errors in WordPress saying error establishing connection and this is the file to edit when you face errors in configuration when your database connection lost and you can learn everything about wp config file in WordPress and how to define everything in wp-config.php file.

Configuration of wp-config file in php:

WordPress structures specific important files that can be edited for different purposes. These files can vary with functionality of WordPress. Always test changes in a development environment by enabling debug mode before publishing to a production server and fix errors in debug mode. Wp-config file covers database connections, storing FTP info, enabling debugging tools, and more using wp-config.php. With this file we can also increasing PHP memory limits and max upload sizes, creating redirects, and setting access restrictions depends up on your hosting providers.

Importance of wp-config file in WordPress:

The most central and vital file in any WordPress installation is the wp-config.php file. This file contains all database connection settings, including the database name, username, and password to access your MySQL database. This file also stores additional database and other advanced settings. The wp-config.php file was originally named wp-config-sample.php as well to give brief idea how to configure wp-config.php file. By renaming this file to wp-config.php is one of the first steps of installing WordPress. The wp-config file is typically lives in the root directory of WordPress. Instead, you can change wp-config file out of the WordPress root directory and into the parent directory correspondingly and also you can hide wp-config.php file for security reasons. Your WordPress directory is located in location below:



you can safely change the location of wp-config.php file to here:


WordPress looks for the presence of wp-config file in the root directory initially first, and if it is unable to locate the file then formerly looks in the parent directory. This happens automatically so no settings need to be changed for this to work this is the WordPress behavior to find the wp-config file in WordPress.

Tips and Notes: WordPress is easy to hack and moving the wp-config.php out of the root WordPress directory is a good security measure, making it nearly impossible to potentially access this file from a web browser.

Few options in WordPress are stored as constants and these can be seen in the wp-config.php file. The constraints will be having same format:

define( 'OPTION_NAME', 'value' );

OPTION_NAME is the name of the option constant being set; value is the option value and can be restructured to of any kind of setting you would wish to save for that value choice. When adding innovative or new options to the wp-config.php file, it’s important and necessarily the options are added above the line that will be read.

Related Coverage:

1. WordPress Error Establishing Database Connection

2. What is htaccess file in WordPress and its Uses

3. Increase PHP Memory limit in WordPress

4. How to Secure WordPress Website From Hackers

5. Debug Mode WordPress: Disable and Enable Debug Mode in WordPress

Wp-config Errors when Installation WordPress

If your WordPress installation is having problems connecting to your database then the first primary file to look at and start troubleshooting is wp-config.php file. If you get error message error Establishing a database connection error, the first thing to do is confirm and verify the DB_NAME, DB_USER, and DB_PASSWORD options are correctly set for your database server. Alternatively, also verify that the DB_HOST name is set to the correct host for your server. Unsurprisingly, this is set to localhost, but few of hosting companies configure WordPress packages with web servers and MySQL servers on different changed machines, requiring a host company explicit configuration choice to locate the MySQL database.

Change Database Character set in wp-config.php file

Contact your hosting tech support team or refer to their online documentation or citations for correct host value to set at this point in wp-config.php file. You can change or modify database character set (charset) by changing the DB_CHARSET option value. WordPress defaulting this is set to utf8 (Unicode UTF-8) which supports any language and it is nearly always the superlative option.

WordPress DB Collate options in wp-config.php file

The DB_COLLATE option consumes allowed term or designation of the database collation, i.e sort order of the character set. (A character set is a collection or group of symbols that represents words in a language. The collation determines which cause the order to routine and use when sorting the character set, generally in alphabetical order.) and by default it is set to blank and should typically stay that way. If you would like to change or modify the database collation, just add the suitable and appropriate value for your language. You have to change this option formerly before installing WordPress. Altering or changing or modifying this value after installation will possibly leads to cause problems in WordPress.

Adding Security with wp-config.php file

Adding security and Securing WordPress is very important and this is the first thing to do by updating all your plugins and updating WordrPress with latest versions and php versions which leads to make secure your WordPress website apart from version updates of plugins and WordPress there are few more other ways to make your website secure from hackers as well by adding salt keys in wp-config.php file.

Secret Salt Keys in wp-config file

WordPress security can be tightened and strengthened or underwired by setting surreptitious and secret keys in your wp-config.php file. A secret key is a hashing salt keys, which makes your site harder to hack by adding randomly generated elements (the salt keys) to the password you set.

The presence of salt keys aren’t required for WordPress to purposely function, but they increase an extra layer of security on your website. To have secret keys auto-generated for you, visit link, for secret key generation in your wp-config.php file. On the other hand, you can independently type a group of random characters in place of and set your unique phrase here. Our main moto here si to use secret keys that are 100 percent random and inimitable unique.

Change table prefix with wp-config file

You are freely enhance and add or change or modify these keys at any period of time, the only chances of thing expected will happen is all existing WordPress cookies will be invalidated and your users will be required to log in again. Another security feature included in wp-config.php is the ability to define the database table prefix for WordPress. By default this option value is set to wp_. You can change this value by setting the $table_prefix variable value to any prefix like below:

$table_prefix = 'asw_';

How to be Safe with Hackers with SQL Injection Attack

If a hacker is talented and able to exploit your website using an SQL injection attack, this will make it harder for them to guess your table names and quite possibly keep them from doing SQL injection at all. Setting the table prefix to a unique value also makes it possible to run several multiple WordPress installations in a single database.

Debugging in WordPress with wp-config.php file:

We can look for debugging errors in WordPress can be made easier using the WP_DEBUG option in wp-config.php file. Enabling WP_DEBUG displays WordPress errors on the screen, rather than suppressing those errors with a white screen. To enable WP_DEBUG, just set the option value to true:

How to enable debug mode in WordPress in wp-config.php:

define( 'WP_DEBUG', true );

Fresh installations of WordPress will be having this option defined in wp-config as false by default. If this option is not declared, it defaults to false and error messages are not displayed. Always remember to disable or remove this option when you are done debugging in your local WordPress development before moving to production because these error messages will lead or might help hackers discover routes to inject sql injection or vulnerabilities into your website. It’s the best way to keep WP_DEBUG enabled when developing in WordPress to address any warnings or errors that might be displayed.

Useful and Advanced wp-config options

We can set different things in wp-config.php file as per our requirements and our needs. We can do even more things with wp-config.php file by setting option values as true. We can configure and set more additional advanced options in your wp-config file.
By default these options are not available in wp-config.php file, so you will need to manually add them to the wp-config file.

Set website Blog address in wp-config.php file:

To set your WordPress website and blog address, use the following two options:

define( 'WP_SITEURL', 'http://example.com/WordPress' );

define( 'WP_HOME', 'http://example.com/WordPress' );

The WP_SITEURL option will allow you to temporarily change the WordPress site URL. This does not change or alter the database option value for siteurl, it will only change value temporarily. If this option is removed, WordPress reverts back to using the siteurl database setting.

The WP_HOME option works the exact same way, letting you temporarily change the home value for WordPress. Both these values should include the full URL including http://.

Move wp-content directory in WordPress by declaring in wp-config.php file

More options that allows you to move the wp-content directory in WordPress have been introduced & the two required options are:

define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] '/WordPress/blog/wp-content' );

define( 'WP_CONTENT_URL', 'http://domain.com/WordPress/blog/wp-content');

The WP_CONTENT_DIR option value is the full local path to your wp-content directory. The WP_CONTENT_URL is the full URI of this directory. Optionally, you can set the path to your plugins directory like so:

define( 'WP_PLUGIN_DIR', $_SERVER['DOCUMENT_ROOT'] . '/blog/wp-content/plugins' );

define( 'WP_PLUGIN_URL', 'http://example/blog/wp-content/plugins');

WP_PLUGIN_DIR and WP_PLUGIN_URL are options used by plugin developers to determine where your plugin folder resides. If a plugin developer is not using these constants, there is a very good chance their plugin will break and cause misbehaving if you move your wp-content directory. Never move the wp-content directory on your production server without first testing in a development environment.

Declaring post revisions in wp-config.php file in WordPress

You can easily turn off and on post revisions of WordPress by declaring few lines of code in wp-config.php file by setting wp_post_revisons to true and false. WordPress saves post revisions for each single edit and save made to a post or page.

Edits are saved by clicking either the Save or Publish button, and also by the built-in auto-save feature of WordPress. Visualize, if each post you create has 10 revisions that’s too many revisions that will be recorded in database. If you had 1000 posts, that would be 10,000 records in your database which rapidly makes increase the size of your database and could even slow down your website because table records can take longer to fetch in larger databases. Fortunately, WordPress has a built-in post revisions option called WP_POST_REVISIONS. You can set this option to false to totally disable post revisions overall and other way is you can specify a maximum number of revisions to keep for each post or page. Below are examples of both scenarios and how to declare post revisions in wp-config.php file:

define( 'WP_POST_REVISIONS', false ); define( 'WP_POST_REVISIONS', 5 );

Declare Auto save interval in wp-config.php

You can also configure the auto-save interval by setting the AUTOSAVE_INTERVAL option. WordPress uses AJAX when editing a post to auto-save revisions. By default, this interval is 60 seconds. You can set the interval in seconds for auto-save in wp-config. Set auto-save to 5 minutes by using this code:

define( 'AUTOSAVE_INTERVAL', 300 );

Declare Save Queries options in wp-config file:

Very useful debugging option in WordPress with regards to WordPress database or any query executed is by declaring SAVEQUERIES in wp-config.php file. By declaring or Initiating this option saves all database queries into a global array that can be displayed on your page. This can help you debug query issues, and also to see exactly what queries WordPress is executing on each and every page load. If you are working on a theme or plugin and you want to know exactly whats happening with database queries and how many queries WordPress is executing to get the right set of posts back as declared in WordPress query, this save queries debug option will show you exactly what WordPress is asking for out of the database. Enable this option by setting the value to true:

define( 'SAVEQUERIES', true );

The above code displays the saved query arrays only if the user is logged-in and has the permissions to manage options. Basically restricting it to display only for site administrators these outputs will be visible.

Enable Error Logging with wp-config.php file

When you are developing theme you can also enable save query logging directly from your wp-config file and to enable logging, first you need to create a php_error.log file and upload it to your root WordPress directory. Then simply turn on the log_errors PHP option and point to your logging file by adding below code in wp-config.php file:

@ini_set( 'log_errors','On' );

@ini_set( 'display_errors','Off' );

@ini_set( 'error_log','/public_html/WordPress/php_error.log' );

All errors will be now logged to this file in above declared location. This will also log any errors produced by enabling the WP_DEBUG option discussed earlier. In the previous example display_errors is set to Off, which is perfect and seamless for a production website because you don’t want error messages will be outputted or displayed. If you are debugging and wish to view errors in real time, just set that option to On. Remember the error_log value is relative to the web server’s document root, not the WordPress root.

Increase Memory Limit with wp-config.php file

There are many scenarios case you wish to increase the memory limit of your webstie and we can increase memory limit with wp-config.php file or by php.ini file on your web server. You can also set the memory limit WordPress is allowed to use with the WP_MEMORY_LIMIT option. If your website ran out of memory limit set for WordPress to run, you will see the error Allowed memory size of xxxxx bytes exhausted.” Increasing the memory limit fixes this problem declaring in wp-config.php or in php.ini file. The memory limit is set by declaring or defining the megabytes needed as per memory limit exhausted:

define( 'WP_MEMORY_LIMIT', '32M' );

Defining memory limit in wp-config.php works only if your hosting company allows it. Some hosting companies will not allow you to dynamically change the memory limit and will have this value set very low. This problem is usually found on lower-cost hosting companies that maintain their price points by packing more web server instances onto a single physical host, creating contention for memory footprint. This increases the memory only for WordPress and not other applications running on your server. To increase the memory limit across all of your websites, set the php_value memory_limit variable in your php.ini file. For example, when importing large amounts of content, say months or years worth of blog posts, it’s likely you’ll hit this memory limit.

Declaring WPLANG Language in wp-config.php

WordPress has build in localizer which is wonderful feature of WordPress which is built-in localizer. WordPress displays in English by default, but can easily be set to display any language that has been translated. Setting the WPLANG option triggers WordPress to load the specified language files by declaring or adding below code in wp-config.php file:

define ( 'WPLANG', 'en-GB' );

The option value comprises or includes the ISO-639 language code followed by the ISO-3166 country code. So en-GB would be English-Great Britain. This setting will reference your .mo and .po files for language translation.

Defining language directory LANGDIR in wp-config.php

WordPress provides an option to define the LANGDIR option. This LANGDIR option defines which directory will hold your language .mo files. By default, WordPress looks in wp-content/languages for the .mo file. If you would like to move this folder, just set the LANGDIR option like so:

define( 'LANGDIR', '/wp-content/langdir/my/languages' );

Defining custom user table and custom user meta table in wp-config.php

CUSTOM_USER_TABLE and CUSTOM_USER_META_TABLE which are very powerful options in WordPress . They are useful if you want to have two or more individual WordPress installs and use the same user accounts. Remember to set this prior to installing WordPress by defining in wp-config.php file in below format.

define( 'CUSTOM_USER_TABLE', 'joined_users' );

define( 'CUSTOM_USER_META_TABLE', 'joined_usermeta' );

By declaring and setting these 2 options will enable you to define the name of the default WordPress user and user meta table. By declaring both websites share user information including usernames, passwords, author bios, and so on. This is a great way to set up with fresh installation of WordPress but not lose sync information with your current user base. If you would like your users to have different set of roles on each WordPress install, but still share user accounts, don’t set the CUSTOM_USER_META_TABLE option. Everything stored in the user tables will stay the same, but everything else will be blog-specific i.e. user level, first and last name, and so on.

Defining cookie domain and cookiepath and sitecookiepath in wp-config.php

Website cookies plays a very important role and you can define multiple cookie options like below,




All above 3 options are typically used in a WordPress Multi site installation utilizing sub-domains for websites which allows you to set the primary domain, so that cookies can be created and validated on all other sub-domains in the network and you can define them in below format in wp-config.php file.

define( 'COOKIE_DOMAIN', '.domain.com' );

define( 'COOKIEPATH', '/' );

define( 'SITECOOKIEPATH', '/' );

Usually, you won’t need to use or change this option, but if you are facing issues with cookies or run into issues with cookies this is the first place to check and troubleshoot.

Defining FTP Settings in wp-config.php file

You can set FTP settings directly in your wp-config file. This is not recommended and only needed if your hosting provider is not configured to 24*7 support the fir automatic install process or files change. wp-config file is very sensitive file and this is easily detectable because each time you try to install a theme or plugin you will be prompted and asked for your FTP information.

Define FTP Setting Details in wp-config.php file below:

To save your FTP information in WordPress, add the following options in your wp-config file

define( 'FTP_USER', 'username' );

define( 'FTP_PASS', 'password' );

define( 'FTP_HOST', 'ftp.example.com:21' );

Configure by entering your FTP username, password, and host with port and you are good to go. WordPress will no longer ask for your FTP information when using the automatic installer.

Configure FTP/SSH with wp-config.php in WordPress

defining-ftp-settings in-wp-config-php-file
defining-ftp-settings in-wp-config-php-file

You can set additional FTP/SSH options for various configurations like below in wp-config.php file:

define( 'FS_METHOD', 'ftpext' );

define( 'FTP_BASE', '/public_html/WordPress/' );

define( 'FTP_CONTENT_DIR', '/public_html/WordPress/wp-content/' );

define( 'FTP_PLUGIN_DIR ', '/ public_html /WordPress/wp-content/plugins/' );

define( 'FTP_PUBKEY', '/home/username/.ssh/id_rsa.pub' );

define( 'FTP_PRIVKEY', '/home/username/.ssh/id_rsa' );

define( 'FTP_SSL', false );

Override default file permissions with wp-config.php file in WordPress

You can easily override default file permissions in WordPress using the FS_CHMOD_FILE and FS_CHMOD_DIR options by defining below in wp-config.php:

define( 'FS_CHMOD_FILE',0644 );

define( 'FS_CHMOD_DIR',0755 );

To know more about file permissions in WordPress visit: link. These settings can help with certain hosting companies that use restrictive permissions for all user files. This will override the server settings and should allow WordPress updates and auto installations to work.

Defining Cache options in wp-config.php file

The WP_CACHE option is required for some caching plugins to work. Enabling this option will include the file wp-content/advanced-cache.php which will be declaring in wp-settings.php file. To enable this option use the following code in wp-config.php:

define( 'WP_CACHE', true );

Defining Constants in wp-config.php

WordPress has several numerous constant options that you can set easily with wp config file. There is a PHP function to see all constants currently set on your WordPress installation, just define wp-config.php:

print_r( @get_defined_constants() );

Force SSL login with wp-config.php

An advanced option of forcing SSL on login to your WordPress site. This requires users to log in via the HTTPS access link and encrypts all data being transferred to and from your website. To activate SSL on login add below code in wp-config.php i.e FORCE_SSL_LOGIN option like so:

define( 'FORCE_SSL_LOGIN', true );

You can also force all admin pages to use SSL. You can activate with the FORCE_SSL_ADMIN option like so:

define( 'FORCE_SSL_ADMIN', true );

This forces all admin dashboard pages which has the url wp-admin to be encrypted with SSL. Keep in mind that activating this setting slows down your admin page load times, but all data passed to and from WordPress will be encrypted using SSL.

Before adding the above code first you need to install ssl certificate on your website & remember your website must be configured to work with SSL correctly with the redirects and make sure there is no redirect loop happening on your website.

The easy method to test is to visit your site using https, as in https://example.com. If the page loads, SSL is set up on your server. Forcing SSL on the admin side of WordPress is a great security enhancement. All data passed to and from WordPress will be encrypted, preventing someone from potentially stealing your WordPress login credentials.

Define trash bin in wp-config.php

This trash bin holds any posts, pages, attachments, and comments that have been deleted which helps you to recover any content that you might have accidentally deleted in WordPress. By default, the trash bin is emptied every 30 days. Emptying the trash bin will permanent delete any items in the trash. You can modify this interval by setting the EMPTY_TRASH_DAYS option like below:

define( 'EMPTY_TRASH_DAYS', 7 );

By defining above code in wp-config.php, now trash will automatically be emptied every 7 days. You can also disable the trash completely by setting the option value to 0. The trash link will now be replaced with a Delete Permanently link. Keep in mind that WordPress will not ask for a confirmation when you click Delete Permanently.

define( 'EMPTY_TRASH_DAYS', 0 );

Disable wp-cron in wp-config.php

There is also an option to disable WordPress cron. In wordpress Cron is used to execute scheduled tasks in WordPress. Some common schedule tasks include posting a scheduled post and checking for new versions of WordPress, themes, and plugins. To disable WordPress cron add this option to your wp-config file:

define( 'DISABLE_WP_CRON', true );