As you know guys I have started this blog with WordPress basic stuffs, so I hope you have tried to install WordPress on your local machine as well. This post will gives you some value added knowledge about Supreme CMS WordPress.
wp-config.php is very important file present in any WordPress based site. It keeps overall configuration of your WordPress site. Yes that’s all you know, but we can use this file in much broader purpose. So today we are gonna discuss about wp-config file in depth. So, We’ll break this down into four basic parts:
I. Baiscs
II. Security
III. Basic/Main Settings
IV. Additional Tricks
Baiscs:
When you first download WordPress, the wp-config.php file isn’t included. Instead, you get a file named “wp-config-sample.php” (located in the root install-directory) that contains everything you need. Just rename the file to “wp-config.php” and delete the wp-config-sample.php file from the server if it’s already there.
Security:
The first thing you want to do with wp-config.php is protect it. Here is a great way to secure the file using .htaccess:
<Files wp-config.php>
Order Allow,Deny
Deny from all
</Files>
This code should be placed in an .htaccess file located in the directory that contains your wp-config.php file. Once the .htaccess file is in place, ensure that permissions are chmod 640 for both files. This setting returns a “403 Forbidden” error to all external requests. Combining proper file permissions with .htaccess protection is an excellent way to secure your wp-config.php.
Basic/Main Settings:
Now that wp-config.php is secure, it’s time to add the required database information and then customize for optimum performance.
1. Database credentials:
The first and only required step is to add your database credentials. This should appear after the PHP comments near the top of the file:
// ** MySQL settings – You can get this info from your web host ** //
/** The name of the database for WordPress */
define(‘DB_NAME’, ‘database_name_here’);
/** MySQL database username */
define(‘DB_USER’, ‘username_here’);
/** MySQL database password */
define(‘DB_PASSWORD’, ‘password_here’);
/** MySQL hostname */
define(‘DB_HOST’, ‘localhost’);
/** Database Charset to use in creating database tables. */
define(‘DB_CHARSET’, ‘utf8’);
/** The Database Collate type. Don’t change this if in doubt. */
define(‘DB_COLLATE’, ”);
For most servers, you’ll need only the first three bits of information: database name, username and password. If WordPress can’t connect after that, then you may need to change the hostname to whatever your host tells you. Only fiddle with the last two items – charset and collate – if you have need and know what you’re doing.
2. Authentication Unique Keys and Salts:
Next up is a section for key/salt definitions. By default it looks like this:
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define(‘AUTH_KEY’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
define(‘NONCE_KEY’, ‘put your unique phrase here’);
define(‘AUTH_SALT’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_SALT’, ‘put your unique phrase here’);
define(‘LOGGED_IN_SALT’, ‘put your unique phrase here’);
define(‘NONCE_SALT’, ‘put your unique phrase here’);
/**#@-*/
At this point, we have our database credentials and secret keys all ready to go. Next we want to further improve security by specifying a unique database prefix.
3. WordPress Database Table prefix:
WordPress is a huge target for malicious scripts, hacks, and spam. One of the best ways to secure your WordPress database is to change the default table prefix. The default value, as seen below, is “wp_”:
/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = ‘wp_’;
This works, but as the default value, it is heavily targeted by malicious scripts and bad bots. Changing it to something unique essentially immunizes it against automated attacks on anything prefixed with wp_. The more random and unique the better, like a password: “dSty23456_”.
4. WordPress Localized Language:
By default WordPress uses the English language, but you can use any available language by following these steps. As a part of that process, you’ll specify your language in this part of the wp-config.php file:
/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de.mo to wp-content/languages and set WPLANG to ‘de’ to enable German
* language support.
*/
define (‘WPLANG’, ”);
Additional Tricks:
Most WordPress sites are in great shape at this point, but there is much more that we can do with wp-config.php to maximize performance and make our lives easier.
1. Remove Post Revisions:
Recent versions of WordPress provides a post-revisioning system that enables users to save different versions of their blog posts and even revert to previously saved versions if necessary. So you can stop it:
// Disable the post-revisioning feature
define(‘WP_POST_REVISIONS’, false); // kill the revision
2. Specify Interval of Autosave Posts/Page:
In a similar vein as the post-revisioning feature is WordPress’ actually useful Autosave functionality. By default, WordPress saves your work every 60 seconds, but you can totally modify this setting to whatever you want.
define(‘AUTOSAVE_INTERVAL’, 180); // in seconds always means here 3 mins
3. Auto Trashed:
Since WordPress 2.9, we’ve had the “Trash” feature to help prevent accidents. So now instead of deleting stuff like posts and comments, you send them to the Trash. By default WordPress deletes the Trash every 30 days, but you can set it to whatever you want by adding a line like this:
define(‘EMPTY_TRASH_DAYS’, 7); // empty weekly
4. Automatic Database Repair:
WordPress 2.9 also gave us automatic database repair, which enables you to repair and optimize your database even when not logged in.
define(‘WP_ALLOW_REPAIR’, true);
5. Block External Requests:
If you need to prevent WordPress from making external requests, add this code to wp-config.php:
define(‘WP_HTTP_BLOCK_EXTERNAL’, true);
6. Blog Address and Site Address:
These two settings were introduced in WordPress version 2.2 and override the database value without actually changing them. Example:
define(‘WP_HOME’, ‘https://shyamapadabatabyal.wordpress.com/’); // no trailing slash
define(‘WP_SITEURL’, ‘https://shyamapadabatabyal.wordpress.com/’); // no trailing slash
7. Debugging Your WordPress Site:
Since WordPress version 2.3.1, users have been able to display certain errors and warnings to help with the debugging of their site.
define(‘WP_DEBUG’, true);
8. Error Log Configuration:
Here is an easy way to enable basic error logging for your WordPress-powered site. Create a file called php_error.log, make it server-writable, and place it in the directory of your choice. Then edit the path in the third line of the following code and place into your wp-config.php:
@ini_set(‘log_errors’,’On’);
@ini_set(‘display_errors’,’Off’);
@ini_set(‘error_log’,’/home/path/domain/logs/php_error.log’);
9. Increase PHP Memory:
If you are receiving error messages telling you that your “Allowed memory size of xxx bytes exhausted,” this setting may help resolve the issue. As of WordPress version 2.5, the WP_MEMORY_LIMIT definition enables you to specify the maximum amount of memory that may be used by PHP. Here are some examples:
define(‘WP_MEMORY_LIMIT’, ‘128M’);// M = Megabytes
I hope this will help you to understand by using one configuration file, we can do these possible things as well. So don’t always rely on any plugin, try to use these as well. 🙂
Article Refereed from: http://digwp.com/
KumarShyama 