Wpconfigphp file

The most important file in any WordPress installation is the wp-config.php file. This files stores all database connection settings, including the database name, username, and password to access your database. This file also stores additional database, security, and other advanced settings. The wp-config.php file is originally named wp-config-sample.php. Renaming the file to wp-config.php is one of the first steps to installing WordPress, as discussed in Chapter 1.

The wp-config file is typically stored in the root directory of WordPress. Alternatively, you can move the wp-config file outside of WordPress one directory. So if your WordPress directory is located here:

/public_html/my_website/wp-config.php you can safely move the file here:


WordPress looks for the wp-config file in the root directory first, and if it can't find that file it looks up one directory. This happens automatically so no settings need to be changed for this to work.

Options in WordPress are stored as constants and these can be seen in the wp-config.php file. The constraints all have the same format:

option_name is the name of the option constant being set. value is the option value and can be updated to whatever setting you would like to save for that option.

If your WordPress installation is having problems connecting to your database this is the first place to start troubleshooting. Verify that the db_name, db_user, and db_password options are correctly set for your database server. Also verify that the db_host name is set to the correct host for your server. Typically this is set to localhost, but some hosting companies require a custom value. Contact your hosting tech support or consult their online documentation for the correct host value to set here.

You can change the database character set (charset) by changing the db_charset option value. By default this is set to utf8 (Unicode UTF-8), which supports any language, and is almost always the best option.

Since WordPress 2.2 the db_collate option has allowed designation of the database collation, that is, sort order of the character set. (A character set is a collection of symbols that represents words in a language. The collation determines the order to use when sorting the character set, usually alphabetical order). This option by default is blank and should typically stay that way. If you would like to change the database collation just add the appropriate value for your language. You should change this option before installing WordPress. Altering this value after installation could cause problems in WordPress.

WordPress security can be strengthened by setting secret keys in your wp-config.php file. A secret key is a hashing salt, which makes your site harder to hack by adding random elements (the salt) to the password you set. These keys aren't required for WordPress to function, but they add an extra layer of security on your web site.

To have secret keys auto-generated for you, visit the link to WordPress.org for secret key generation in your wp-config.php file (https://api.wordpress.org/secret-key/1.1/), shown in Figure 3-2.

Alternatively you can just type a bunch of random characters in place of "put your unique phrase here.'' The goal is to use secret keys that are 100 percent random and unique.

FIGURE 3-2: Randomly generated secret keys

FIGURE 3-2: Randomly generated secret keys

You can add or change these keys at any time; the only thing that will happen is all current WordPress cookies will be invalidated and your users will be required to log in again.

Another security feature included in wp-config.php is setting your WordPress database table prefix. By default this option value is set to wp_. You can change this value by setting the $table_prefix variable value to any prefix you would like.

If a hacker is able to exploit your web site using SQL Injection, this will make it harder for him to guess your table names and quite possibly keep him from doing SQL Injection at all. Setting the table prefix to a unique value also makes it possible to run multiple WordPress installations in a single database. If you want to change the table prefix after you have installed WordPress, you can use the WP Security Scan plugin (http: //wordpress.org/extend/plugins/wp-security-scan/) to do so. Make sure you make a good backup before doing this, though.

The wp-config file also contains the option for localizing your installation of WordPress. WordPress has the built-in capability to be used in many different languages. Setting the wplang option value sets the default language for WordPress to use. A corresponding MO file for the selected language must be installed to wp-content/languages for this option to work. MO (machine object) files are compressed PO (portable object) files, which contain translations for WordPress messages and text strings in a specific language. The MO and PO files are components of the GNU "gettext" subsystem that underlies the WordPress multi-language capabilities. For a full list of available MO language files visit the following resources:

> WordPress in Your Language Codex page: http://codex.wordpress.org/ WordPress_in_Your_Language

> WordPress Language File Repository: http: //svn.automattic.com/wordpress-i18n/

Was this article helpful?

0 0

Post a comment