Tips for your wp-config.php file

The following is a collection of wp-config.php settings and changes that we regularly use and you may find useful. This is by no means exhaustive. See the WordPress Codex for more details.


Set the WP HOME and SITEURL dynamically

This is particularly useful when moving your WordPress site from one domain to another, such as for a staging set up.

/* Custom WordPress URL */
define( 'WP_SITEURL', 'http://' . $_SERVER['SERVER_NAME']);
define( 'WP_HOME', WP_SITEURL);

Set custom paths for wp-content and other WordPress directories

This can be a great security enhancement, but you need to check that all your theme and plugins work correctly.

/* WP directories */
define( 'WP_CONTENT_DIR', ABSPATH . 'wp-content' ); // no trailing slash, full paths only
define( 'WP_CONTENT_URL', WP_SITEURL . '/wp-content');
define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); //no trailing slash, full paths only
define( 'WP_PLUGIN_URL', WP_CONTENT_URL . '/plugins' );
define( 'UPLOADS', 'wp-content/uploads' ); // can not be absolute, always relative to ABSPATH, therefore does not require a leading slash

Completely disable XML-RPC

/*========== disable xmlrpc ==========*/
// This must be added at the very bottom of wp-config.php to work.
add_filter('xmlrpc_enabled', '__return_false'); // use this to completely disble XML-RPC functionality

Set WordPress to compress it's static files

/* Compression */
define( 'COMPRESS_CSS', true );
define( 'COMPRESS_SCRIPTS', true );
define( 'CONCATENATE_SCRIPTS', true );
define( 'ENFORCE_GZIP', true );

Force SSL

/* SSL */
define( 'FORCE_SSL_LOGIN', true );
define( 'FORCE_SSL_ADMIN', true );

Want a Trash for the Media Library?

/* Media Trash */
define( 'MEDIA_TRASH', true );

Set the cookie domain

/* Cookies */
define( 'COOKIE_DOMAIN', ''); // cookie domain

Control the file editors within the WP Admin

/* Editing */
define( 'DISALLOW_FILE_EDIT', true); // disable the editing of theme and plugin files
define( 'DISALLOW_FILE_MODS', true); // disable installing new themes and plugins, and updating them

Debug stuff for developers

/* WordPress debug mode for developers */
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', true );
define( 'SCRIPT_DEBUG', true );
define( 'SAVEQUERIES', true );

Don't get default themes from WordPress auto-updates

define( 'CORE_UPGRADE_SKIP_NEW_BUNDLED', true ); // skip wp-content when updating (no default theme updates)
Was this answer helpful? 4 Users Found This Useful (131 Votes)