10 wp-config.php Tips for Customizing WordPress Site

There are many core files in WordPress that site owners need to access frequently. One of the important files is the “wp-config.php” which is a configuration file located in the root directory of a self-hosted WordPress site. It contains site’s most important configuration details like database credentials and security settings. This wp-config.php file is not part of the default WordPress package downloaded from WordPress.org site. It is created during installation process or you can create by duplicating the sample file “wp-config-sample.php” coming with installation package.

Sample wp-config.php File

Below is the“wp-config-sample.php” file that comes with the WordPress installation package downloaded from wordpress.org site.

* The base configuration for WordPress
* The wp-config.php creation script uses this file during the
* installation. You don't have to use the web site, you can
* copy this file to "wp-config.php" and fill in the values.
* This file contains the following configurations:
* * MySQL settings
* * Secret keys
* * Database table prefix
* @link https://codex.wordpress.org/Editing_wp-config.php
* @package WordPress

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');

/** MySQL database username */
define('DB_USER', 'username_here');

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

* Authentication Unique Keys and Salts.
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
* @since 2.6.0
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');


* WordPress Database Table prefix.
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
$table_prefix = 'wp_';

* For developers: WordPress debugging mode.
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
* For information on other constants that can be used for debugging,
* visit the Codex.
* @link https://codex.wordpress.org/Debugging_in_WordPress
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Why Do You Need to Modify wp-config.php File?

During the maintenance and troubleshooting, every WordPress user will come across the need to modify wp-config.php file. You can do the modifications by changing the default WordPress parameter values as per your need. In this article we will share top 10 wp-config.php tips every WordPress user should know. The wp-config.php file will not visible on the frontend admin panel, you need to login using FTP and find the file on your root installation path. Alternatively you can use File Manager on your cPanel to edit the file.

10 wp-config.php Tips Every WordPress User Should Know

  1. Increase PHP memory limit
  2. Change database name / password
  3. Change default MySQL table prefix
  4. Disable file editor from admin panel
  5. Enable or disable debugging
  6. Disable post revisions
  7. Restrict number of post revisions
  8. Set autosave interval
  9. Change wp-content folder path
  10. Changing uploads folder path

1. Increase PHP Memory Limit

WordPress works based on the script files created in PHP. In order for these PHP scripts to run properly, you need sufficient memory allocated to them. Generally web hosting companies control this parameter to safeguard the server from long running scripts consuming high resources.

When your host allows you to allocate memory then you can do this by modifying the “WP_MEMORY_LIMIT” parameter in wp-config.php file like below:

define('WP_MEMORY_LIMIT', '96M');

By default WordPress allocates 40M PHP memory for single installation and 60M for multisite installation. So you should increase the limit above 40M if you are running a single site. Anything equals to or less than 40M is not necessary (60M for multisite).

2. Change Database Name or Password

You should link the correct database details whenever you change the database name for security or any other reasons. WordPress will throw a message “Error establishing database connection” if the details in wp-config.php are not maintained properly.

You should provide database name (DB_NAME), username (DB_USER) and the password (DB_PASSWORD) in wp-config.php file as shown below:

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');

/** MySQL database username */
define('DB_USER', 'username_here');

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

3. Change Default Table Prefix

By default WordPress assigns “wp_” as a prefix for all individual MySQL database tables. It is recommended to change this prefix to improve the security. You can do this by using “$table_prefix” parameter in wp-config.php file.

$table_prefix = '_a123';

Table prefix should contain only letters, numbers and underscore without any special characters like $.

4. Disable File Editing

You can access all theme files on the WordPress installation through “Appearance > Editor” menu. Similarly, you can access the plugin files through “Plugins > Editor”. Nowadays, WordPress will show a warning message when you try to edit the files. However, it will not you doing so. This may cause problem when you don’t know clearly what you are doing. For example, just leaving a dot in theme’s “functions.php” file will result in white screen of death. You can remove the file editing menus from admin panel by adding the below line in wp-config.php file.

define( 'DISALLOW_FILE_EDIT', true );

This is also necessary to protect your site from hackers. Even if someone get access to your WordPress admin panel they will not be able to edit any files on your WordPress installation.

5. Enable or Disable Debugging

The debugging mode allows you to show the details of errors on the screen when the site is being accessed on the browser. This is one of the ways to troubleshoot a WordPress site for a normal users. As the information may be sensitive, WordPress by default disables the debugging function.

You can enable the debugging by adding the below code in your wp-config.php file.

define( 'WP_DEBUG', true );

Ensure to set the value back to false once your troubleshooting is finished.

6. Disable Post Revisions

WordPress saves the post in frequent interval during editing as a revision. This will help you to restore the post to the earlier versions in case of problems like browser crash or internet disconnected. The real users will never see these revisions though they are permanently stored on your database and consume the storage. You can disable the post revisions by adding the below line in wp-config.php file.

define('WP_POST_REVISIONS', false);

7. Restrict Number of Post Revisions

Instead of completely disabling the post revisions, you can define the number of revisions WordPress stores for each post. The below code will allow WordPress to store the latest three revisions, you can change the number as per your need. In this way, you can still have the latest three revisions on your database and restore them when needed thus occupying less storage.

define( 'WP_POST_REVISIONS', 3 );

8. Set Autosave Interval

WordPress automatically saves the content when you are editing it online. This will help to retrieve the content on unexpected situation like network drop. The default frequency of this autosave is 60 seconds. But we are sure most of the general WordPress users do not need the post to be saved every single minute. You can modify the interval to any time in seconds by adding the below line in wp-config.php file (300 seconds in this case).

define( 'AUTOSAVE_INTERVAL', 300 );

9. Change wp-content Folder Path

Your entire theme, plugins and media files are stored under “wp-content” folder. You can view the folder path clearly by viewing the page source or looking at the image URL. So people recommend moving the “wp-content” directory outside WordPress installation as a security measure.

Assume you want to move “/wp-content” folder to “/new-folder/wp-content” then you should add the below lines in wp-config.php file.

define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/new-folder/wp-content' );
define( 'WP_CONTENT_URL', 'http://www.mysite.com/new-folder/wp-content' );

Ensure not to provide the trailing slash in both the lines.

10. Change Uploads Folder Path

By default all media files are stored inside the folder named “Uploads”. You can change the name of the “Uploads” folder to any name you want like images.

define( 'UPLOADS', 'wp-content/images' );


As mentioned, editing files in WordPress is unavoidable as part of troubleshooting, security and maintenance. Definitely you can’t install plugins for each of these functions and slow down your site. So the easy and simple way is to modify the wp-config.php file and get things done. However, always take the backup of your current version and be careful in modifying the PHP files in WordPress. Add any of your code in wp-config.php file above the comment /* That’s all, stop editing! Happy blogging. */. Otherwise the code will produce unexpected results and may break your site.

Editorial Staff at WebNots are team members who love to build websites and share the learning with webmasters community. Follow us on Facebook and Twitter.

Leave a Comment