$ U.S. Dollar€ Euro£ British PoundC$ Canadian DollarsA$ Australian DollarsRs Indian Rupees¥ China Yuan RMBMore Info
EasyWP: How to edit the wp-config.php file in WordPress
The wp-config.php file is one of the most important files in WordPress. It contains your site’s database details and other critical settings. Unlike other WordPress core files, this file is generated specifically for your site during installation and is always located in the root directory of your WordPress installation.
NOTE: Since wp-config.php stores sensitive information, we recommend creating a full backup of your site before editing it. Learn how to back up a WordPress site.
Before you start, ensure that the HackGuardian security tool is deactivated on your EasyWP site. HackGuardian is automatically included with every EasyWP subscription. When it’s active, your WordPress files are locked in a partial read-only mode, preventing changes to wp-config.php.
Locating the wp-config.php file
You can access the wp-config.php file through an SFTP connection or by using a file manager plugin (e.g., WP File Manager).
1. In your EasyWP Dashboard, select Manage next to your site.
2. Open the Files & Database tab.
3. Create an SFTP session by selecting a timeframe and clicking Access files.
4. Open FileZilla (or another FTP client) and connect using the provided credentials.
5. Locate wp-config.php in the root directory of your WordPress site.
Here is a screenshot of the wp-config.php in FileZilla:
You cannot edit the file directly in FileZilla. Instead:
Download the file to your device;
Open it with a text editor such as Notepad or TextEdit;
Make your changes;
Re-upload it to the same directory in FileZilla, overwriting the existing file.
NOTE: You will need to overwrite the file, as there cannot be two files with the same name on a single website.
Understanding wp-config.php file
First, let’s look at the basic wp-config.php file code. Here’s an example of the default WordPress wp-config.php file:
Each section of this file is well documented in the file itself. Almost all the settings are defined by using PHP constants:
define( 'constant_name' , 'value');
Let’s take a look at each section.
MySQL database settings in wp-config.php file
The connection of your WordPress website with the database is configured in the MySQL Settings section:
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', '259906_8e1d7f7a28c6a42ee95854c30eefdfd6' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
These lines connect your WordPress site to its database. They are generated automatically when the site is created and should not normally be changed.
Authentication Keys and Salts
Authentication Keys and Salts strengthen security by encrypting cookies and user sessions.
/**#@+
* Authentication unique keys and salts.
*
* Change these to different unique phrases. You can generate these using
* the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
*
* You can change these at any point in time to invalidate all existing cookies.
* This will force all users to have to log in again.
*
* @since 2.6.0
*/
define( 'AUTH_KEY', '3f3gs=e-E+guQb%:Zw%4fyE]yqmf%C]:-yjwWM9R,uwKkx>#3s*D.zGq4Z[f$HMw' );
define( 'SECURE_AUTH_KEY', 'bIc*a0DGP&n623(@MUN_e_Y_~$CbXoIFvk_r@D/0U#AoxvH!<&.-`hW>UGP}qydw' );
define( 'LOGGED_IN_KEY', 'K@U)o.5j}s[8jGukO[%jb`3f6lhS}8#z05)4x9N<7*jh*cr#va );
define( 'NONCE_KEY', '{fLJf]5m$MtW6L_>w#ZL^.=igEh9ys?nW1uXLT90j[D3.xXZRf{>@;p;Zu> PNfo' );
define( 'AUTH_SALT', '-LHF&c4S]H(s:5W0p!a6]#n*n~^g=inQP(`$oQ&M+`8T0pYfN2D#Q@p T^PA;g(b' );
define( 'SECURE_AUTH_SALT', '{z_.V=f.{iV:j5NMkK&yLF>(Jkl5SK3?tGP7{FA,65OFQ?/5c,ebOIpL0N!}wf:' );
define( 'LOGGED_IN_SALT', '`E3b#wi1N_=a$=S^n}jaBXK0l~PocH)p%_`Vj6$>)]0+IBWc=D>8 '3~U*of|wG08}%Y>7He[~c>E9K)A@kBCmnyjFZ^)#S;y//:PF=_7fW?Pm3HZ, 8>' );
define( 'WP_CACHE_KEY_SALT', 'u~KMfvOC{c__I[]/`!m,%bLQRP8jpZgRsvFWj?K-m&>Mzg}SR9tyz9bL~8sE+i{K' );
In the example above, you can see that keys have already been installed, and you can simply update them if needed. However, you can also come across a 'put your unique phrase here' message in the settings, which means that keys have not been installed yet, and you need to add them:
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
define( 'WP_CACHE_KEY_SALT', 'put your unique phrase here');
/**#@-*/
You can generate new keys by visiting this link https://api.wordpress.org/secret-key/1.1/salt/. Copy and paste the keys to the wp-config.php file.
Updating keys will log out all users, requiring them to sign in again. This is recommended if you suspect your site has been compromised.
WordPress Database Table Prefix
By default, WordPress adds wp_ prefix to all tables created by the installation:
/**#@-*/
/**
* WordPress database table prefix.
*
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = 'wp_';
This value must match the prefix of your actual database tables. If they don’t match, WordPress won’t connect properly to the database.
WordPress debug mode
This feature can be useful for users who are learning WordPress development or trying to use experimental functions and options. By default, WordPress hides notifications, which are generated by PHP during code execution.
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*
* For information on other constants that can be used for debugging,
* visit the documentation.
*
* @link https://wordpress.org/support/article/debugging-in-wordpress/
*/
if ( ! defined( 'WP_DEBUG' ) ) {
define( 'WP_DEBUG', false );
}
If you change the following line from false to true, WordPress will show all PHP notifications.
define('WP_DEBUG', true);
The last part of the wp-config.php file defines the absolute path, which is used for the settings of WordPress vars and included files. There is no need to change anything here:
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' );
}
/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
Most common changes, which can be applied via the wp-config.php file
All additional lines in the wp-config.php file should be added after the following line:
/* That's all, stop editing! Happy blogging. */
Changing WordPress URLs
Sometimes you may need to update your WordPress URLs, for example, after changing your domain name. Normally, this can be done in the WordPress admin dashboard or directly in the website’s database. However, if you cannot access the dashboard, you can also apply the changes in the wp-config.php file.
NOTE: Do not forget to change 'http://example.com' to your real website's domain, which can also contain https and www.
Changing upload directory
By default, WordPress saves all media uploads in the /wp-content/uploads/ folder. If you want to store your files in a different location, you can add the following lines to the wp-config.php file:
define( 'UPLOADS', 'wp-content/newfolder' );
'newfolder' can be changed to any folder name you are going to store the files in.
Deactivating automatic WordPress updates
Since WordPress version 3.7, automatic updates have been activated by default to improve website security. While this feature is useful, in some cases an update may cause compatibility issues and make your site temporarily inaccessible. To deactivate automatic updates, add the following line to your wp-config.php file:
define( 'WP_AUTO_UPDATE_CORE', false );
NOTE: It is strongly recommended to keep WordPress, plugins, and themes updated to their latest versions. To do this safely, create regular backups of your site and use the EasyWP WordPress Autoupdates feature.
You should only deactivate auto-updates at your own risk, and only if updates repeatedly cause your site to malfunction. Outdated software can expose your site to security risks, performance issues, and unexpected errors.
Changing the limit of post revisions in WordPress
WordPress includes a built-in feature for autosaving and storing revisions of posts. On larger websites, these revisions can accumulate and increase the size of the database. To control this, you can set the number of revisions saved per post by adding the following line to the wp-config.php file:
define( 'WP_POST_REVISIONS', 3 );
Number '3' should be changed to the number of revisions you would like to store.
Changing WP_MEMORY_LIMIT
Sometimes, after activating a plugin or performing certain actions in WordPress, you may see a message indicating that the wp_memory_limit needs to be increased. To resolve this, update the WP_MEMORY_LIMIT value in the wp-config.php file as follows:
define('WP_MEMORY_LIMIT', '128M');
The limit '128M' in this example can be changed to the limit you need.
The maximum value for each EasyWP plan can be checked below:
Editing wp-config.php gives you advanced control over your WordPress installation. Always back up your site before making changes, and re-activate HackGuardian after you’ve finished editing.
If you are unsure about any step or encounter issues after updating wp-config.php, contact our Support Team for assistance – we’re always here to help.
/e_<7*jh*cr#va=>
