Tips for your wp-config.php file

The following is a collection of wp-config.php settings and changes that we regularly use and you may find useful. This is by no means exhaustive. See the WordPress Codex for more details.

References:

Set the WP HOME and SITEURL dynamically

This is particularly useful when moving your WordPress site from one domain to another, such as for a staging set up.

/* Custom WordPress URL */
define( 'WP_SITEURL', 'http://' . $_SERVER['SERVER_NAME']);
define( 'WP_HOME', WP_SITEURL);

Set custom paths for wp-content and other WordPress directories

This can be a great security enhancement, but you need to check that all your theme and plugins work correctly.

/* WP directories */
define( 'WP_CONTENT_DIR', ABSPATH . 'wp-content' ); // no trailing slash, full paths only
define( 'WP_CONTENT_URL', WP_SITEURL . '/wp-content');
define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); //no trailing slash, full paths only
define( 'WP_PLUGIN_URL', WP_CONTENT_URL . '/plugins' );
define( 'UPLOADS', 'wp-content/uploads' ); // can not be absolute, always relative to ABSPATH, therefore does not require a leading slash

Completely disable XML-RPC

/*========== disable xmlrpc ==========*/
// This must be added at the very bottom of wp-config.php to work.
add_filter('xmlrpc_enabled', '__return_false'); // use this to completely disble XML-RPC functionality

Set WordPress to compress it's static files

/* Compression */
 define( 'COMPRESS_CSS', true );
 define( 'COMPRESS_SCRIPTS', true );
 define( 'CONCATENATE_SCRIPTS', true );
 define( 'ENFORCE_GZIP', true );

Force SSL

/* SSL */
 define( 'FORCE_SSL_LOGIN', true );
 define( 'FORCE_SSL_ADMIN', true );

Want a Trash for the Media Library?

/* Media Trash */
 define( 'MEDIA_TRASH', true );

Set the cookie domain

/* Cookies */
 define( 'COOKIE_DOMAIN', 'www.yourwebsite.com'); // cookie domain

Control the file editors within the WP Admin

/* Editing */
 define( 'DISALLOW_FILE_EDIT', true); // disable the editing of theme and plugin files
 define( 'DISALLOW_FILE_MODS', true); // disable installing new themes and plugins, and updating them

Debug stuff for developers

/* WordPress debug mode for developers */
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', true );
define( 'SCRIPT_DEBUG', true );
define( 'SAVEQUERIES', true );

Don't get default themes from WordPress auto-updates

define( 'CORE_UPGRADE_SKIP_NEW_BUNDLED', true ); // skip wp-content when updating (no default theme updates)
Was this answer helpful? 4 Users Found This Useful (131 Votes)

Related Articles

Sending Email from your WordPress site

All our servers have the capability to send email from your WordPress applications. By default,...

 BackupBuddy Guide

PLEASE NOTE: If you host with WP NET, it's not necessary for you to use a WordPress backup...

 WordPress Revisions

WordPress includes a feature called Revisions, when you save a new version of a Post or Page, the...

 WordPress File Editor

The WordPress file editor is disabled for our Managed WordPress customers by default. The...

 WordPress Performance Tuning and Optimisation Guide

CACHING You should always use a caching plugin with your WordPress sites, this will dramatically...