WordPress wp-config.php overview

Overview

This article provides an overview of the WordPress wp-config.php file and options to customize it for your site.

Background

WordPress uses the wp-config.php file to connect to your database. If it is misconfigured, your site will go down because it cannot connect to the database to load your website content.

It can also be used to secure and configure WordPress settings.

Locating and editing the file

This file is located in your WordPress website's main directory. There you'll see all of your WordPress files. You can then edit it using an FTP client or by logging into the server via SSH.

Replacing the file

You can easily replace the wp-config.php file if it has been removed.

1. Visit the WordPress Core page. At the bottom, choose one of the following options:
   • Click the Plain Text link to download a text file.
   • Click the Original Format link to download a PHP file.

   Do not copy the code directly, as it will contain line numbers to the left.

2. Log in to your server via FTP or SSH.
3. Navigate to your website's main directory.
4. Create the new file:
   • If you downloaded the text file, create a new file titled wp-config.php using an FTP client or SSH. Then copy in the text from the file you downloaded into this new file on the server.
   • If you downloaded the PHP file, just upload it via FTP to your server.
5. Update the database settings to use your database credentials.
6. Update the Authentication keys section. You can use this site to generate new values.
7. Save the file.

You should now be able to Log in to your WordPress site.

Configurations and settings

Database settings

Certain database settings are added to the wp-config.php by default. All of these must be present for the file to function.

Database credentials

Database credentials can be found in the DreamHost panel. The following lines inform your installation where to locate your database content to load your WordPress website:

define('DB_NAME', 'databasename');
define('DB_USER', 'username');
define('DB_PASSWORD', 'password');
define('DB_HOST', 'mysql.example.com');
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');

Table prefix

The table prefix is unique text placed at the beginning of each table in your WordPress database. The default is wp_ but if you used the DreamHost WordPress installer, the prefix includes random letters and numbers. For example:

$table_prefix = 'wp_2hdy121d_';

It should always end with an underscore, as this makes the tables in your database easier to identify.

Security

Authentication keys and salts

WordPress uses security keys to protect logged-in users. If necessary, you can generate new values using the WordPress.org secret-key API.

• If you don't see them in the file, you should add them. 
• If you've been hacked, you should replace them.

define('AUTH_KEY',         'hvKlL_)w&k{ybi{4cHV3G9x3t[]!@y$e*jW?Qt@bqkiRlr.Wy8]t6)/*<y1![S!P');
define('SECURE_AUTH_KEY',  'O=oxZd%3fks%6ne+w+-A|B.`X-YcTCjD`<aF_H-vbQ[vMd4d?C;u,X$@q|t-dE28');
define('LOGGED_IN_KEY',    'Gm#l.Z8{j/F$s0UqEbptEIi`Rl{ hmmA4]N$UxDw`6t>`HlgC$UP0>-ix? Zak87');
define('NONCE_KEY',        'N{_@b|dS-L7~C2r*3LbHyx%r[i+z>j|~jY<SN;rSr#QMhiQ.nwrISn!0y,H>2pUc');
define('AUTH_SALT',        '5w%BS*,%rZ*|L?3sxCQ@-hFBM3aeN$Z0-^fPU1uU|O672X d|~4/I=5LLr.]*N8M');
define('SECURE_AUTH_SALT', 'o-O }+zw>[{8OUM)]UBcR_TTtwRtPTx+dN$K=zklG2:gJ!Z-{f,17(|65+odw(&6');
define('LOGGED_IN_SALT',   'rl45Nq@h|Va3P+ML? -r&7`xay)4$a+Zp (#pw!(4C^WV:7[i#jJ@J|JyZmA-NAX');
define('NONCE_SALT',       'Vnor?.uqj+/`KS+<r]$G_.)gBmbyxI4S|?1+t<jR|+wh[$i%+vvv|KA)E#g?jn.f');

Hacked site

If your file contains anything like the following, you should remove it immediately, as this is a strong indication that your website has been hacked.

<?php eval(gzinflate(base64_decode('dVRtb6NGE.....')));?>

Base64 hacks leave a backdoor that hackers can use repeatedly on your site.

Additionally, the better option may be to replace the wp-config.php, as explained above.

Troubleshooting

Debug mode

Debug mode defaults to off, as shown in this line:

define('WP_DEBUG', false);

However, you can enable and configure this in different ways to help troubleshoot any website issues. See this article for instructions.

Update after changing a database password

You must update the wp-config.php file if you've changed the database user's password. If not, your website will not be able to connect to the database.

If you have multiple users for your database, make sure that you are changing the correct user's password. You can check which database user logs into the database by looking at the database credentials section.

Customizations

Adding custom defines

There are many define values you can customize for your site. Here is the basic syntax: 

define('VARIABLE', 'VALUE');

If you choose to add a define value, make sure to place it above this line:

/* That's all, stop editing! Happy blogging. */

NEVER put anything below this line, as it could potentially cause issues with your site.

Language Definitions

WordPress is currently available in many languages. When you install WordPress, you’re given a choice to select your language. If you need to change it later, you can edit your language by changing the define for WPLANG.

If it's blank, English is used:

define('WPLANG',);

To change, look up the locale for your language and add it after WPLANG. For example, if you wanted to use Canadian English, it would be this:

define('WPLANG', 'en_CA');

Visit this page for further information about changing the language in WordPress.

See also

• WordPress overview
• How to log into your WordPress site
• SSH overview
• Finding your database login credentials