What is wp-config.php in WordPress? How to edit wp-config File

Frances Henry

Confusing the issue is that WordPress has three (3) constants that look like they could do the same thing. First off, remember that if WP_DEBUG is false, it and the other two WordPress DEBUG constants do not do anything. The PHP directives, whatever they are, will prevail. Except for ‘error_reporting’, WordPress will set this to 4983 if WP_DEBUG is defined as false. Second, even if WP_DEBUG is true, the other constants only do something if they too are set to true. If they are set to false, the PHP directives remain unchanged. For example, if your php.ini file has the directive (‘display_errors’ = ‘On’); but you have the statement define( ‘WP_DEBUG_DISPLAY’, false ); in your wp-config.php file, errors will still be displayed on screen even though you tried to prevent it by setting WP_DEBUG_DISPLAY to false because that is the PHP configured behavior. This is why it’s very important to set the PHP directives to what you need in case any of the related WP constants are set to false. To be safe, explicitly set/define both types. More detailed descriptions of the WP constants is available at Debugging in WordPress.

Johanne Slattery

Hrvatski •
Italiano •

の編集 日本語
Português do Brasil •

Русский •

ไทย •

中文(简体) •
(Add your language)

Lynn Austin

As of WordPress Version 2.2, DB_COLLATE was made available to allow designation of the database collation (i.e. the sort order of the character set). In most cases, this value should be left blank (null) so the database collation will be automatically assigned by MySQL based on the database character set specified by DB_CHARSET. Set DB_COLLATE to one of the UTF-8 values defined in UTF-8 character sets для большинства западноевропейских языков.

How to Edit wp-config.php File From Within WordPress Without FTP?
Clemmie Sapp

The most common way to edit this file is to access your WordPress hosting space via cPanel File Manager or an FTP agent like FileZilla. In some cases, WordPress users either don’t have access to FTP server or just want to edit wp-config.php file from within WordPress Admin Panel. Below I’ll mention 2 plugins that give you the ability to edit your WordPress configuration file (wp-config.php) directly from within WordPress Admin panel.

How to Edit wp-config.php File in WordPress
Tanya Yates

“A constant is an identifier (name) for a simple value. As the name suggests, that value cannot change during the execution of the script (except for magic constants, which aren’t actually constants). A constant is case-sensitive by default. By convention, constant identifiers are always uppercase.”

How to edit wp-config.php file in WordPress
Ma Gentile

The file called wp-config.php is the main configuration file for any WordPress website. It’s always located in the root folder of the domain’s WordPress installation. Unlike other basic WordPress files, it’s generated specifically for your website during the installation. It keeps information about the database for your website and some other essential settings.

As it contains  important information, we do not recommend editing it without making a backup of the file or even the website.

You can find it in cPanel > Files section > File Manager menu > root folder of the WordPress installation:

There are several ways to edit it:

1.  Via cPanel File Manager menu > select the needed wp-config.php file > click on Code Editor button:

2.  Download the file to your device and use any text editor, like Notepad or TextEdit, to make the changes. Once done, you will need to reupload the file to the hosting account.

Understanding wp-config.php file

Before we get to the actual editing of the file, let’s take a look at the basic wp-config.php file code.
Here’s an example of the default WordPress wp-config.php file:

Each section of this file is well documented in the file itself. Almost all the settings are defined by using PHP constants:

define( ‘constant_name’ , ‘value’);
Let’s take a look at each section.

MySQL database settings in wp-config.php file

The connection of your WordPress website with the database is configured in a section MySQL Settings:

// ** MySQL settings – You can get this info from your web host ** //
/** The name of the database for WordPress */
define(‘DB_NAME’, ‘cPanelusername_wp792’);
/** MySQL database username */
define(‘DB_USER’, ‘cPanelusername_wp792’);
/** MySQL database password */
define(‘DB_PASSWORD’, ‘[email protected][24S’);
/** MySQL hostname */
define(‘DB_HOST’, ‘localhost’);
/** Database Charset to use in creating database tables. */
define(‘DB_CHARSET’, ‘utf8mb4’);
/** The Database Collate type. Don’t change this if in doubt. */
define(‘DB_COLLATE’, ”);
If you are installing WordPress using Softaculous Script Installer, these settings are filled in automatically without a need to make any changes from your side.

However, if you are installing WordPress manually, you will need to fill in the following lines:

DB_NAME – name of the database you are using for the website.
DB_USER – name of the user assigned to this database.
DB_PASSWORD – password for the user assigned to the database.
DB_HOST – you need to use exactly ‘localhost’ or ‘’.

This information can be checked in cPanel > Databases section > MySQL Databases menu:

Authentication Keys and Salts

Unique Authentication Keys and Salts help to improve the security of your WordPress website. They provide strong encryption for user sessions and cookies generated by WordPress.

/**#@+ * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define(‘AUTH_KEY’,         ‘sl4tjdnklmba7y5slkmbtmjlpiq5sktqf5atkkyf4lqchy6xqdfmdq8q8fffqetw’);
define(‘SECURE_AUTH_KEY’,  ‘v53il73qlah16db21i7cfk3zdrgxxm3ofv3elfaqnnfhvi5z1aemqr0xydcux9mw’);
define(‘LOGGED_IN_KEY’,    ‘m7enmciil9jn3z4knrp9edo3e4ihl16rf5no1nradv8kd7h7zfvr3np9ot29ew2t’);
define(‘NONCE_KEY’,        ‘kreqjwqb3z6werlv5cx10jykskpe3yogq50lsjszskmabyuaksm8mgd7vskl5hid’);
define(‘AUTH_SALT’,        ‘trijiliazfic2dboijugdbolyfj9s3iu4sxidbooavcdmejqe6xv9obmrydzqg7c’);
define(‘SECURE_AUTH_SALT’, ‘p2d6b1hunwij3fokmkejia3loyvzrlvonxslgzbxusz4ytbmajfy30vfwhofophs’);
define(‘LOGGED_IN_SALT’,   ‘9luoa41irvafroggy9xqedd4qeltyouxpqrajky9p2y3jecduabpbx9vjpouzfab’);
define(‘NONCE_SALT’,       ‘belb5oknpapd0pgiifjgrsbizorkedyjed50omvjhlru65iohsk90l4dojisbdqa’);
In the example above you can see that keys have been already installed and you can simply update them if it’s needed. However, you can also come across ‘put your unique phrase here’ message in the settings, which means that keys have not been installed yet and you need to add them:

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define(‘AUTH_KEY’,         ‘put your unique phrase here’);
define(‘SECURE_AUTH_KEY’,  ‘put your unique phrase here’);
define(‘LOGGED_IN_KEY’,    ‘put your unique phrase here’);
define(‘NONCE_KEY’,        ‘put your unique phrase here’);
define(‘AUTH_SALT’,        ‘put your unique phrase here’);
define(‘SECURE_AUTH_SALT’, ‘put your unique phrase here’);
define(‘LOGGED_IN_SALT’,   ‘put your unique phrase here’);
define(‘NONCE_SALT’,       ‘put your unique phrase here’);
You can generate new keys by visiting this link https://api.wordpress.org/secret-key/1.1/salt/. Just copy and paste keys to the wp-config.php file.

Updating these keys is rather important if you suspect your WordPress installation was hacked. Changing authentication keys will log out all authorized users from the system and make them log in once again.

WordPress Database Table Prefix

By default WordPress adds wp_ prefix to all tables created by the installation:

 * WordPress Database Table prefix.
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
$table_prefix  = ‘wp_’;
It’s recommended changing this prefix to a custom one for security reasons. This can prevent hacker attacks to your website as it protects (prevents is used two times in the same sentence) from guessing your WordPress table names.

It’s quite easy to change the prefix while installing WordPress. However, it will require several steps from you in order to make the changes for existing websites.

Go to cPanel > Databases section > phpMyAdmin menu > choose the necessary database from the left side > click on SQL option above:

Here you need to run queries  RENAME SQL on tables in your WordPress database:

RENAME table `wp_commentmeta` TO `newprefix_commentmeta`;
RENAME table `wp_comments` TO `newprefix_comments`;
RENAME table `wp_links` TO `newprefix_links`;
RENAME table `wp_options` TO `newprefix_options`;
RENAME table `wp_postmeta` TO `newprefix_postmeta`;
RENAME table `wp_posts` TO `newprefix_posts`;
RENAME table `wp_terms` TO `newprefix_terms`;
RENAME table `wp_term_relationships` TO `newprefix_term_relationships`;
RENAME table `wp_term_taxonomy` TO `newprefix_term_taxonomy`;
RENAME table `wp_usermeta` TO `newprefix_usermeta`;
RENAME table `wp_users` TO `newprefix_users`;
NOTE: newprefix_ should be replaced with the new database prefix you wish to have instead of wp_.

Hit Go to proceed with this changes:

Once done, you will see the new database prefix has been applied to your WordPress database:

After that you will need to search the options table for any other fields that are using wp_ as a prefix in order to replace them. It is necessary to run the following query in the same way:

SELECT * FROM ‘newprefix_options’ WHERE ‘option_name’ LIKE ‘%wp_%’

Then click Go and you will get the a result as on in the screenshot below:

Here you will need to go one by one to change these lines and replace the old database prefix with the new one. Once done, we need to search for usermeta for all fields that are having  have wp_ as a prefix with the help of this SQL query:

SELECT * FROM `newprefix_usermeta` WHERE `meta_key` LIKE ‘%wp_%’
After that click Go and the following results will appear:

The number of entries may vary depending on how many plugins you are using and such. Here you need to change everything with wp_ to the new prefix as well.

Once done, make sure that you update your wp-config.php file with the new database prefix:

Also, you can change the database prefix using special plugins like Change DB prefix or Change table prefix.

WordPress debug mode

This feature can be useful for users, that are learning WordPress development or trying to use some experimental functions and options. By default WordPress hides notifications, which are generated by PHP during code execution.

 * For developers: WordPress debugging mode.
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 * @link https://codex.wordpress.org/Debugging_in_WordPress
define(‘WP_DEBUG’, false);
/* That’s all, stop editing! Happy blogging. */
If you change the following line from false to true, WordPress will show all PHP notifications.
define(‘WP_DEBUG’, true);
The last part of the wp-config.php file defines the absolute path, which is used for settings of WordPress vars and included files. There is no need to change anything here:

/** Absolute path to the WordPress directory. */
if ( !defined(‘ABSPATH’) )
    define(‘ABSPATH’, dirname(__FILE__) . ‘/’);
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . ‘wp-settings.php’);

Most common changes, which can be applied via wp-config.php file

All additional lines in the wp-config.php file should be added after the following line:

/* That’s all, stop editing! Happy blogging. */

Changing MySQL port and sockets in WordPress

By default we are using port 3306 for MySQL host. However, if for some reason it should be changed (for example, on a VPS or a dedicated server), you will need to change DB_HOST line so it includes port number as well. For example:

define( ‘DB_HOST’, ‘localhost:5067’ );
In this example, you can see port 5067. However, it can be changed according to the settings you need to apply. So do not forget to make the necessary changes.

If the host uses sockets or pipes for MySQL, you will need to change DB_HOST line in a similar way:

define( ‘DB_HOST’, ‘localhost:/var/run/mysqld/mysqld.sock’ );
The exact changes must checked with your hosting provider.

Changing WordPress URLs

Sometimes it is required to change WordPress URLs. For example, you have changed the domain of web hosting service. You can apply the change in a WordPress admin dashboard or a database assigned to the website. However, you can also make these changes via the wp-config.php file. This can be quite useful, when you can’t access your WordPress admin dashboard.
In order to apply the changes, you will need to add the following lines:

Do not forget to change ‘http://example.com’ to your real website’s domain, which can also contain https or www.

Changing upload directory

By default WordPress stores all your media uploads in /wp-content/uploads/ folder. If you like to store the files in other place, you can add the following lines to the wp-config.php file:

define( ‘UPLOADS’, ‘wp-content/newfolder’ );
‘newfolder’ can be changed to any folder name you are going to store the files in.

Disabling automatic WordPress updates

Starting from WordPress WordPress version 3.7 developers have added an automatic update option. It’s good for the security of your website for sure. However, the update can simply break your website and make it unreachable. If you add this simple code to your wp-config.php file you will disable the automatic updates for the installation:

define( ‘WP_AUTO_UPDATE_CORE’, false );

Changing the limit of post revision in WordPress

WordPress platform has a built-in option for autosave and revisions of the posts. If you have a large website, revisions can significantly increase the size of your database. You can change the number of the revisions stored for a post by adding the following line to the wp-config.php file:

define( ‘WP_POST_REVISIONS’, 3 );
Number ‘3’ should be changed to number of revisions you would like to store.


Sometimes after a plugin activation or some actions in WordPress, you can get a message that you need to increase wp_memory limit. In order to do so, add the following line to the wp-config.php file:

define(‘WP_MEMORY_LIMIT’, ’64M’);
Limit ’64M’ in this example can be changed to the limit you need.

That’s it!

Need any help? Contact our HelpDesk

How to Make Changes to the wp-config.php File in WordPress
Arnold Moreno

The first setting in the wp-config.php file is the way WordPress accesses the database. In reality, the only time you would want to make changes to this portion is if you transfer the website or you’re using a backup copy for restoration. Otherwise, changes to the database can cause a variety of issues with the site. For example, your posts will be different or completely gone.

Be the first to comment

Leave a Reply

Your email address will not be published.