Overview
This article provides an overview of the WordPress wp-config.php file and options to customize it for your site.
Background
WordPress uses the wp-config.php file to connect to your database. If it is misconfigured, your site will go down because it cannot connect to the database to load your website content.
It can also be used to secure and configure WordPress settings.
Locating and editing the file
This file is located in your WordPress website's main directory. There you'll see all of your WordPress files. You can then edit it using an FTP client or by logging into the server via SSH.
Replacing the file
You can easily replace the wp-config.php file if it has been removed.
- Visit the WordPress Core page. At the bottom, choose one of the following options:
- Click the Plain Text link to download a text file.
- Click the Original Format link to download a PHP file.
Do not copy the code directly, as it will contain line numbers to the left.
- Log in to your server via FTP or SSH.
- Navigate to your website's main directory.
- Create the new file:
- Update the database settings to use your database credentials.
- Update the Authentication keys section. You can use this site to generate new values.
- Save the file.
You should now be able to Log in to your WordPress site.
Configurations and settings
Database settings
Certain database settings are added to the wp-config.php by default. All of these must be present for the file to function.
Database credentials
Database credentials can be found in the DreamHost panel. The following lines inform your installation where to locate your database content to load your WordPress website:
define('DB_NAME', 'databasename'); define('DB_USER', 'username'); define('DB_PASSWORD', 'password'); define('DB_HOST', 'mysql.example.com'); define('DB_CHARSET', 'utf8'); define('DB_COLLATE', '');
Table prefix
The table prefix is unique text placed at the beginning of each table in your WordPress database. The default is wp_ but if you used the DreamHost WordPress installer, the prefix includes random letters and numbers. For example:
$table_prefix = 'wp_2hdy121d_';
It should always end with an underscore, as this makes the tables in your database easier to identify.
Security
Authentication keys and salts
WordPress uses security keys to protect logged-in users. If necessary, you can generate new values using the WordPress.org secret-key API.
- If you don't see them in the file, you should add them.
- If you've been hacked, you should replace them.
define('AUTH_KEY', 'hvKlL_)w&k{ybi{4cHV3G9x3t[]!@y$e*jW?Qt@bqkiRlr.Wy8]t6)/*<y1![S!P'); define('SECURE_AUTH_KEY', 'O=oxZd%3fks%6ne+w+-A|B.`X-YcTCjD`<aF_H-vbQ[vMd4d?C;u,X$@q|t-dE28'); define('LOGGED_IN_KEY', 'Gm#l.Z8{j/F$s0UqEbptEIi`Rl{ hmmA4]N$UxDw`6t>`HlgC$UP0>-ix? Zak87'); define('NONCE_KEY', 'N{_@b|dS-L7~C2r*3LbHyx%r[i+z>j|~jY<SN;rSr#QMhiQ.nwrISn!0y,H>2pUc'); define('AUTH_SALT', '5w%BS*,%rZ*|L?3sxCQ@-hFBM3aeN$Z0-^fPU1uU|O672X d|~4/I=5LLr.]*N8M'); define('SECURE_AUTH_SALT', 'o-O }+zw>[{8OUM)]UBcR_TTtwRtPTx+dN$K=zklG2:gJ!Z-{f,17(|65+odw(&6'); define('LOGGED_IN_SALT', 'rl45Nq@h|Va3P+ML? -r&7`xay)4$a+Zp (#pw!(4C^WV:7[i#jJ@J|JyZmA-NAX'); define('NONCE_SALT', 'Vnor?.uqj+/`KS+<r]$G_.)gBmbyxI4S|?1+t<jR|+wh[$i%+vvv|KA)E#g?jn.f');
Hacked site
If your file contains anything like the following, you should remove it immediately, as this is a strong indication that your website has been hacked.
<?php eval(gzinflate(base64_decode('dVRtb6NGE.....')));?>
Base64 hacks leave a backdoor that hackers can use repeatedly on your site.
Additionally, the better option may be to replace the wp-config.php, as explained above.
Troubleshooting
Debug mode
Debug mode defaults to off, as shown in this line:
define('WP_DEBUG', false);
However, you can enable and configure this in different ways to help troubleshoot any website issues. See this article for instructions.
Update after changing a database password
You must update the wp-config.php file if you've changed the database user's password. If not, your website will not be able to connect to the database.
If you have multiple users for your database, make sure that you are changing the correct user's password. You can check which database user logs into the database by looking at the database credentials section.
Customizations
Adding custom defines
There are many define values you can customize for your site. Here is the basic syntax:
define('VARIABLE', 'VALUE');
If you choose to add a define value, make sure to place it above this line:
/* That's all, stop editing! Happy blogging. */
NEVER put anything below this line, as it could potentially cause issues with your site.
Language Definitions
WordPress is currently available in many languages. When you install WordPress, you’re given a choice to select your language. If you need to change it later, you can edit your language by changing the define for WPLANG.
If it's blank, English is used:
define('WPLANG',);
To change, look up the locale for your language and add it after WPLANG. For example, if you wanted to use Canadian English, it would be this:
define('WPLANG', 'en_CA');
Visit this page for further information about changing the language in WordPress.