Tips for your wp-config.php file

The following is a collection of wp-config.php settings and changes that we regularly use and you may find useful. This is by no means exhaustive. See the WordPress Codex for more details.

Set the WP_SITEURL and WP_HOME dynamically

This is particularly useful when you need to  access your site using a different domain than is set in the WordPress database, such as when using the Plesk Preview URL.

This version sets the URL prefix based on the $_SERVER global variable, and so will work
whether you access the site using https:// or http://
*/ define( 'WP_SITEURL', ($_SERVER['HTTPS'] ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] ); define( 'WP_HOME', WP_SITEURL ); /* Use this version if the above doesn't work. Set the URL prefix as required */ define( 'WP_SITEURL', 'http://' . $_SERVER['SERVER_NAME'] ); define( 'WP_HOME', WP_SITEURL );

Switch WordPress to a new Domain

If you need to move your site to a new domain (or a new subdomain, or a new folder), define this constant in your wp-config.php file to update the WP_SITEURL and WP_HOME options in the WordPress database:

define( 'RELOCATE', true );

After setting this constant, log in to the WP Admin using the new domain and the WP_SITEURL and WP_HOME values will be updated in the database. To confirm, go to the General Settings page. After confirming the changes, delete the above from your wp-config.php.

IMPORTANT: This does not update the hard-coded links in your content. To change them, you should use the plugin such as Better Search Replace to rewrite the old URLs.

Completely disable XML-RPC

Use this to completely disable XML-RPC functionality.
This must be added at the very bottom of wp-config.php to work.
add_filter( 'xmlrpc_enabled', '__return_false' );

Set WordPress to compress it's static files

/* Compression */
define( 'COMPRESS_CSS', true );
define( 'COMPRESS_SCRIPTS', true );
define( 'CONCATENATE_SCRIPTS', true );
define( 'ENFORCE_GZIP', true );

Force SSL

/* SSL */
define( 'FORCE_SSL_LOGIN', true );
define( 'FORCE_SSL_ADMIN', true );

Use a Trash for the Media Library

/* Media Trash */
define( 'MEDIA_TRASH', true );

Set the cookie domain

/* Cookies */
define( 'COOKIE_DOMAIN', '' ); // cookie domain

Control the file editors within the WP Admin

/* Editing */
define( 'DISALLOW_FILE_EDIT', true ); // disable the editing of theme and plugin files
define( 'DISALLOW_FILE_MODS', true ); // disable installing new themes and plugins, and updating them

Debug stuff for developers

/* WordPress debug mode for developers */
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', true );
define( 'SCRIPT_DEBUG', true );
define( 'SAVEQUERIES', true );

Don't get default themes from WordPress auto-updates

/* Skip wp-content when updating (no default theme updates) */
Was this answer helpful? 4 Users Found This Useful (131 Votes)