define( 'WP_POST_REVISIONS', false ); // Or limit to 3 revisions: define( 'WP_POST_REVISIONS', 3 );
Located in the of your WordPress installation (same folder as wp-admin , wp-content , and wp-includes ), this file contains your site’s most sensitive configuration details.
/* That's all, stop editing! Happy publishing. */
For Nginx servers, add a similar rule to your server configuration block.
define( 'WP_DEBUG', true ); define( 'WP_DEBUG_LOG', true ); define( 'WP_DEBUG_DISPLAY', false );
define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/new-content' ); define( 'WP_CONTENT_URL', 'http://example.com/new-content' );
If any of these details are incorrect, your site will display a message.
: Prevents your database from bloating with hundreds of old post drafts. define( 'WP_POST_REVISIONS', 3 ); // Keeps only the last 3 revisions
: Ensures your login credentials are encrypted when you log in. define( 'FORCE_SSL_ADMIN', true );
| Do ✅ | Don't ❌ | |-------|---------| | Set file permissions to 600 or 640 | Leave it readable by everyone ( 644 or 666 ) | | Move it web root if possible | Commit it to public GitHub repos | | Use unique, long salts from WordPress.org salt generator | Hardcode credentials in multiple places | | Keep a secure backup with credentials | Edit it with plain-text-unaware editors that add BOM |
Control how often WordPress empties the trash.
wp config delete WP_DEBUG
When developing, developers often enable specific debug sub-modes:
wp-config.php file is the "brain" of a WordPress site, acting as the essential bridge between your website's files and its database
Marty never returned, though his presence was everywhere: in the labels, in the way the keys felt between the fingers, in a hand-drawn map tucked into the final pages. But his spirit—if a config file can be said to have a spirit—was there, and the attic had become more than a place for old files. It became a way of keeping memory from the indifferent cold of deletion.