How to edit wp-config.php file in WordPress

The file called wp-config.php is the main configuration file for any WordPress website. It’s always located in the root folder of the domain’s WordPress installation. Unlike other basic WordPress files, it's generated specifically for your website during the installation. It keeps information about the database for your website and some other essential settings.

As it contains  important information, we do not recommend editing it without making a backup of the file or even the website.

You can find it in cPanel > Files section > File Manager menu > root folder of the WordPress installation:

There are several ways to edit it:

1.  Via cPanel File Manager menu > select the needed wp-config.php file > click on Code Editor button:

2.  Download the file to your device and use any text editor, like Notepad or TextEdit, to make the changes. Once done, you will need to reupload the file to the hosting account.

Understanding wp-config.php file

Before we get to the actual editing of the file, let’s take a look at the basic wp-config.php file code.
Here’s an example of the default WordPress wp-config.php file:

Each section of this file is well documented in the file itself. Almost all the settings are defined by using PHP constants:

 define( 'constant_name' , 'value'); 

Let’s take a look at each section.

MySQL database settings in wp-config.php file

The connection of your WordPress website with the database is configured in a section MySQL Settings:

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'cPanelusername_wp792');
/** MySQL database username */
define('DB_USER', 'cPanelusername_wp792');
/** MySQL database password */
define('DB_PASSWORD', 'qp0@P0[24S');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8mb4');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

If you are installing WordPress using Softaculous Script Installer, these settings are filled in automatically without a need to make any changes from your side.

However, if you are installing WordPress manually, you will need to fill in the following lines:

DB_NAME – name of the database you are using for the website.
DB_USER – name of the user assigned to this database.
DB_PASSWORD – password for the user assigned to the database.
DB_HOST – you need to use exactly 'localhost' or ''.

This information can be checked in cPanel > Databases section > MySQL Databases menu:

Authentication Keys and Salts

Unique Authentication Keys and Salts help to improve the security of your WordPress website. They provide strong encryption for user sessions and cookies generated by WordPress.

/**#@+ * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY',         'sl4tjdnklmba7y5slkmbtmjlpiq5sktqf5atkkyf4lqchy6xqdfmdq8q8fffqetw');
define('SECURE_AUTH_KEY',  'v53il73qlah16db21i7cfk3zdrgxxm3ofv3elfaqnnfhvi5z1aemqr0xydcux9mw');
define('LOGGED_IN_KEY',    'm7enmciil9jn3z4knrp9edo3e4ihl16rf5no1nradv8kd7h7zfvr3np9ot29ew2t');
define('NONCE_KEY',        'kreqjwqb3z6werlv5cx10jykskpe3yogq50lsjszskmabyuaksm8mgd7vskl5hid');
define('AUTH_SALT',        'trijiliazfic2dboijugdbolyfj9s3iu4sxidbooavcdmejqe6xv9obmrydzqg7c');
define('SECURE_AUTH_SALT', 'p2d6b1hunwij3fokmkejia3loyvzrlvonxslgzbxusz4ytbmajfy30vfwhofophs');
define('LOGGED_IN_SALT',   '9luoa41irvafroggy9xqedd4qeltyouxpqrajky9p2y3jecduabpbx9vjpouzfab');
define('NONCE_SALT',       'belb5oknpapd0pgiifjgrsbizorkedyjed50omvjhlru65iohsk90l4dojisbdqa');

In the example above you can see that keys have been already installed and you can simply update them if it’s needed. However, you can also come across 'put your unique phrase here' message in the settings, which means that keys have not been installed yet and you need to add them:

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

You can generate new keys by visiting this link Just copy and paste keys to the wp-config.php file.

Updating these keys is rather important if you suspect your WordPress installation was hacked. Changing authentication keys will log out all authorized users from the system and make them log in once again.

WordPress Database Table Prefix

By default WordPress adds wp_ prefix to all tables created by the installation:

 * WordPress Database Table prefix.
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
$table_prefix  = 'wp_';

It’s recommended changing this prefix to a custom one for security reasons. This can prevent hacker attacks to your website as it protects (prevents is used two times in the same sentence) from guessing your WordPress table names.

It’s quite easy to change the prefix while installing WordPress. However, it will require several steps from you in order to make the changes for existing websites.

Go to cPanel > Databases section > phpMyAdmin menu > choose the necessary database from the left side > click on SQL option above:

Here you need to run queries  RENAME SQL on tables in your WordPress database:

RENAME table `wp_commentmeta` TO `newprefix_commentmeta`; 
RENAME table `wp_comments` TO `newprefix_comments`;
RENAME table `wp_links` TO `newprefix_links`;
RENAME table `wp_options` TO `newprefix_options`;
RENAME table `wp_postmeta` TO `newprefix_postmeta`;
RENAME table `wp_posts` TO `newprefix_posts`;
RENAME table `wp_terms` TO `newprefix_terms`;
RENAME table `wp_term_relationships` TO `newprefix_term_relationships`;
RENAME table `wp_term_taxonomy` TO `newprefix_term_taxonomy`;
RENAME table `wp_usermeta` TO `newprefix_usermeta`;
RENAME table `wp_users` TO `newprefix_users`;

NOTE: newprefix_ should be replaced with the new database prefix you wish to have instead of wp_.

Hit Go to proceed with this changes:

Once done, you will see the new database prefix has been applied to your WordPress database:

After that you will need to search the options table for any other fields that are using wp_ as a prefix in order to replace them. It is necessary to run the following query in the same way:

SELECT * FROM 'newprefix_options' WHERE 'option_name' LIKE '%wp_%'

Then click Go and you will get the a result as on in the screenshot below:

Here you will need to go one by one to change these lines and replace the old database prefix with the new one. Once done, we need to search for usermeta for all fields that are having  have wp_ as a prefix with the help of this SQL query:

SELECT * FROM `newprefix_usermeta` WHERE `meta_key` LIKE '%wp_%'

After that click Go and the following results will appear:

The number of entries may vary depending on how many plugins you are using and such. Here you need to change everything with wp_ to the new prefix as well.

Once done, make sure that you update your wp-config.php file with the new database prefix:

Also, you can change the database prefix using special plugins like Change DB prefix or Change table prefix.

WordPress debug mode

This feature can be useful for users, that are learning WordPress development or trying to use some experimental functions and options. By default WordPress hides notifications, which are generated by PHP during code execution.

 * For developers: WordPress debugging mode.
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 * @link
define('WP_DEBUG', false);
/* That's all, stop editing! Happy blogging. */
If you change the following line from false to true, WordPress will show all PHP notifications.
define('WP_DEBUG', true);

The last part of the wp-config.php file defines the absolute path, which is used for settings of WordPress vars and included files. There is no need to change anything here:

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Most common changes, which can be applied via wp-config.php file

All additional lines in the wp-config.php file should be added after the following line:

 /* That's all, stop editing! Happy blogging. */

Changing MySQL port and sockets in WordPress

By default we are using port 3306 for MySQL host. However, if for some reason it should be changed (for example, on a VPS or a dedicated server), you will need to change DB_HOST line so it includes port number as well. For example:

define( 'DB_HOST', 'localhost:5067' );

In this example, you can see port 5067. However, it can be changed according to the settings you need to apply. So do not forget to make the necessary changes.

If the host uses sockets or pipes for MySQL, you will need to change DB_HOST line in a similar way:

define( 'DB_HOST', 'localhost:/var/run/mysqld/mysqld.sock' );

The exact changes must checked with your hosting provider.

Changing WordPress URLs

Sometimes it is required to change WordPress URLs. For example, you have changed the domain of web hosting service. You can apply the change in a WordPress admin dashboard or a database assigned to the website. However, you can also make these changes via the wp-config.php file. This can be quite useful, when you can’t access your WordPress admin dashboard.
In order to apply the changes, you will need to add the following lines:

Do not forget to change '' to your real website's domain, which can also contain https or www.

Changing upload directory

By default WordPress stores all your media uploads in /wp-content/uploads/ folder. If you like to store the files in other place, you can add the following lines to the wp-config.php file:

define( 'UPLOADS', 'wp-content/newfolder' ); 

'newfolder' can be changed to any folder name you are going to store the files in.

Disabling automatic WordPress updates

Starting from Wordpress WordPress version 3.7 developers have added an automatic update option. It’s good for the security of your website for sure. However, the update can simply break your website and make it unreachable. If you add this simple code to your wp-config.php file you will disable the automatic updates for the installation:

define( 'WP_AUTO_UPDATE_CORE', false );

Changing the limit of post revision in WordPress

WordPress platform has a built-in option for autosave and revisions of the posts. If you have a large website, revisions can significantly increase the size of your database. You can change the number of the revisions stored for a post by adding the following line to the wp-config.php file:

define( 'WP_POST_REVISIONS', 3 );

Number '3' should be changed to number of revisions you would like to store.


Sometimes after a plugin activation or some actions in WordPress, you can get a message that you need to increase wp_memory limit. In order to do so, add the following line to the wp-config.php file:

define('WP_MEMORY_LIMIT', '64M');

Limit '64M' in this example can be changed to the limit you need.

That’s it!

Need any help? Contact our HelpDesk

40241 times

Need help? We're always here for you.