Beginner's Guide for WordPress / Start your WordPress Blog in minutes

How to Edit wp-config.php File in WordPress

Did you read a tutorial that asks you to edit your wp-config file, and you have no idea what it is? Well we’ve got you covered. In this article, we will show you how to properly edit the wp-config.php file in WordPress.

What is wp-config.php File?

As the name suggests, it is a configuration file that is part of all self-hosted WordPress sites.

Unlike other files, wp-config.php file does not come built-in with WordPress rather it’s generated specifically for your site during the installation process.

WordPress creating wp-config.php file during the installation

WordPress stores your database information in the wp-config.php file. Without this information your WordPress website will not work, and you will get the ‘error establishing database connection‘ error.

Apart from database information, wp-config.php file also contains several other high-level settings. We will explain them later in this article.

Since this file contains a lot of sensitive information, it is recommended that you don’t mess with this file unless you have absolutely no other choice.

But since you’re reading this article, it means that you have to edit wp-config.php file. Below are the steps to do it without messing things up.

Video Tutorial

Subscribe to WPBeginner

If you don’t like the video or need more instructions, then continue reading.

Getting Started

First thing you need to do is to create a complete WordPress backup. The wp-config.php file is so crucial to a WordPress site that a tiny mistake will make your site inaccessible.

You will need an FTP client to connect to your website. Windows users can install WinSCP or SmartFTP and Mac users can try Transmit or CyberDuck. An FTP client allows you to transfer files between a server and your computer.

Connect to your website using the FTP client. You will need FTP login information which you can get from your web host. If you don’t know your FTP login information, then you can ask your web host for support.

The wp-config.php file is usually located in the root folder of your website with other folders like /wp-content/.

wp-config file is located in the root directory of your WordPress site

Simply right click on the file and then select download from the menu. Your FTP client will now download wp-config.php file to your computer. You can open and edit it using a plain text editor program like Notepad or Text Edit.

Understanding wp-config.php file

Before you start, let’s take a look at the full code of the default wp-config.php file. You can also see a sample of this file here.

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');

/** MySQL database username */
define('DB_USER', 'username_here');

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Each section of wp-config.php file is well documented in the file itself. Almost all settings here are defined using PHP Constants.

define( 'constant_name' , 'value'); 

Let’s take a closer look at each section in wp-config.php file.

MySQL Settings in wp-config.php File

Your WordPress database connection settings appear under ‘MySQL Settings’ section of the wp-config.php file. You will need your MySQL host, database name, database username and password to fill in this section.

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');

/** MySQL database username */
define('DB_USER', 'username_here');

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

You can get your database information from your web hosting account’s cPanel under the section labeled databases.

MySQL databases in cPanel

If you cannot find your WordPress database or MySQL username and password, then you need to contact your web host.

Authentication Keys and Salts

Authentication unique keys and salts are security keys that help improve security of your WordPress site. These keys provide a strong encryption for user sessions and cookies generated by WordPress. See our guide on WordPress Security Keys for more information.

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

/**#@-*/

You can generate WordPress security keys and paste them here. This is particularly useful if you suspect your WordPress site may have been compromised. Changing security keys will logout all currently logged in users on your WordPress site forcing them to login again.

WordPress Database Table Prefix

By default WordPress adds wp_ prefix to all the tables created by WordPress. It is recommended that you change your WordPress database table prefix to something random. This will make it difficult for hackers to guess your WordPress tables and will save you from some common SQL injection attacks.

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

Please note that you cannot change this value for an existing WordPress site. Follow the instructions in our how to change the WordPress database prefix article to change these settings on an existing WordPress site.

WordPress Debugging Mode

This setting is particularly useful for users trying to learn WordPress development, and users trying experimental features. By default WordPress hides notices generated by PHP when executing code. Simply setting the debug mode to true will show you these notices. This provides crucial information to developers to find bugs.

define('WP_DEBUG', false);

Absolute Path Settings

The last part of wp-config file defines the absolute path which is then used to setup WordPress vars and included files. You don’t need to change anything here at all.

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Useful wp-config.php Hacks and Settings

There are some other wp-config.php settings that can help you troubleshoot errors and solve many common WordPress errors.

Changing MySQL Port and Sockets in WordPress

If your WordPress hosting provider uses alternate ports for MySQL host, then you will need to change your DB_HOST value to include the port number. Note, that this is not a new line but you need to edit the existing DB_HOST value.

define( 'DB_HOST', 'localhost:5067' );

Don’t forget to change the port number 5067 to whatever port number is provided by your web host.

If your host uses sockets and pipes for MySQL, then you will need to add it like this:

define( 'DB_HOST', 'localhost:/var/run/mysqld/mysqld.sock' );

Changing WordPress URLs Using wp-config.php File

You may need to change WordPress URLs when moving a WordPress site to a new domain name or a new web host. You can change these URLs by visiting Settings » General page.

WordPress Address and Site Address settings

You can also change these URLs using wp-config.php file. This comes handy if you are unable to access the WordPress admin area due to error too many directs issue. Simply add these two lines to your wp-config.php file:

define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');

Don’t forget to replace example.com with your own domain name. You also need to keep in mind that search engines treat www.example.com and example.com as two different locations (See www vs non-www – Which one is better for SEO?). If your site is indexed with www prefix then you need to add your domain name accordingly.

Change Uploads Directory Using wp-config.php

By default WordPress stores all your media uploads in /wp-content/uploads/ directory. If you want to store your media files in someother location then you can do so by adding this line of code in your wp-config.php file.

define( 'UPLOADS', 'wp-content/media' );

Note that the uploads directory path is relative to the ABSPATH automatically set in WordPress. Adding an absolute path here will not work. See out detailed guide on how to change default media upload location in WordPress for more information.

Disable Automatic Updates in WordPress

WordPress introduced automatic updates in WordPress 3.7. It allowed WordPress sites to automatically update when there is a minor update available. While automatic updates are great for security, but in some cases they can break a WordPress site making it inaccessible.

Adding this single line of code to your wp-config.php file will disable all automatic updates on your WordPress site.

define( 'WP_AUTO_UPDATE_CORE', false );

See our tutorial on how to disable automatic updates in WordPress for more information.

Limit Post Revisions in WordPress

WordPress comes with built-in autosave and revisions. See our tutorial on how to undo changes in WordPress with post revisions. However, if you run a large site revisions can increase your WordPress database backup size.

Add this line of code to your wp-config.php file to limit the number of revisions stored for a post.

define( 'WP_POST_REVISIONS', 3 );

Replace 3 with the number of revisions you want to store. WordPress will now automatically discard older revisions. However, your older post revisions are still stored in your database. See our tutorial on how to delete old post revisions in WordPress.

We hope this article helped you learn how to edit wp-config.php file in WordPress and all the cool things you can do with it. You may also want to see our article on 25+ extremely useful tricks for WordPress functions file.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit – a collection of WordPress related products and resources that every professional should have!

Reader Interactions

56 CommentsLeave a Reply

    • That would require changes to your htaccess or a different file, we would recommend reaching out to your host for assistance with what you’re wanting to do.

      Admin

  1. Hi there, great article. I’m having a problem with my website mobile version. When I try to open it on the mobile phone it says “This site is experiencing technical difficulties”.
    What should I do to make my site work again properly?
    Thanks in advance

  2. Syed, all of a sudden, I can’t upload images (message: missing a temporary folder). Tried to log into WordPress to check support blogs and my username is not recognised.

  3. I am a newbie at wordpress. I uploaded the files via Filezilla and got everything configured. Now how exactly do I actually access my new wp-blog site?

    Wp is in the root (public_html) of my website. There were several other file folders that came with Wp. Do I upload them into the public_html folder as well?

  4. Hi, I found out when I was installing WordPress, it was installed in subdirectory Wp and has a result my website can’t go live, my web host said I have to uninstall and install again and I should leave the Wp in the Installation panel blank, my problem is that I have designed the website only to go live and once I uninstall everything will be wiped off, what do I about it, Is there a way to avoid that?

  5. Hi,
    Thank you for the useful article.
    I’m new to this file and I have a basic question. I changed the cache plugin of my site and I need to change the line about it at the beginning of the file to override details of the previous plugin.
    Once my file is updated, can I upload it while the cache plugin is activated, and deactivate/reactivate it just after, or do I have to deactivate the plugin before uploading the new wp-config file ?
    Thanks for your help.

    • If your plugin is requiring you to edit your wp-config file you would normally want to edit the wp-config file before activating your new plugin.

      Admin

  6. hi, i have a wordpress site, i want edit my wordpress site in local, but when i already backup and run my wordpress in local. the page is full of white. can you help me ? im beginner in wordpress

  7. I have updated my website (lostkatanning.com) o WP 5.1 (the Gutenberg update) but now, when working on pages or posts it has slowed right down to a crawl and takes forever to respond to even a single key touch. I have tried numerous things from various websites but nothing seems to work. It is starting to do my head in! Any ideas on how to get my speed back?

  8. Hi
    I have a wordpress site. Today I realized my wp-config.php file has been removed for no reason (The reason is not important for me right now).

    I want to know what happens if I create another wp-config.php file in the root directory of my website by renaming the wp-config-sample.php file again and set the database name blah blah blah

    does it affect my pages and posts? How about the users who have signed up to my website? does it remove them? If the answer is yes, isn’t it better for me to restore backup? The only problem for restoring backup is that it is for two days ago and I posted a new content yesterday and I will miss it.

    Thank you very much in advance

    • Your user and post information is in the database so that information shouldn’t be affected, as long as you connect it to your correct database then there shouldn’t be any change.

      Admin

  9. Hello,
    How do I edit wp-config for setting other smtp using WP smtp plugin ?

    Plugin says, “The password is stored in plain text. We highly recommend you setup your password in your WordPress configuration file for improved security; to do this add the lines below to your wp-config.phpfile.

    define( ‘WPMS_ON’, true ); define( ‘WPMS_SMTP_PASS’, ‘your_password’ ); ”

    Where do I exactly add the code ? It don’t shown in tutorial video or article of Wpbeginner.

  10. Hi, I just updated my WordPress to new version manually using FileZilla. My website was working. But then, I did some update inside wp-config.php file. Now the size of that file on server has become ‘0’. Even if I update it from local PC, it still remains ‘0’. What should I do? Now website is not working. I am getting – HTTP Error 500

    • Hi Gaurav,

      You can download a fresh copy of WordPress and extract it on your computer. Inside it you will find a wp-config-sample.php file. You can upload this file to your server and rename it to wp-config.php. You will now need to edit wp-config.php file and enter your WordPress database information.

      Admin

  11. I have an intranet-based wordpress site that I’m setting up. I’m having issues with the proxy configuration in wp-config.php. I’ve tried about everything I know and I still keep getting ‘Proxy Authentication Required” errors.

    define(‘WP_PROXY_HOST’, ‘https://proxy.domain.com’);
    define(‘WP_PROXY_PORT’, ‘3128’);
    define(‘WP_PROXY_USERNAME’, ‘domain\\username’);
    define(‘WP_PROXY_PASSWORD’, ‘xxxxxx’);
    define(‘WP_PROXY_BYPASS_HOSTS’, ‘localhost’);

    Our internal wordpress site can detect that there are new versions of plug-ins but when I try to update I get the proxy authentication error. I’ve tried the variables above with https, http, just proxy.domain.com, the username escaping the \, not escaping the backslash, etc. I looked at the code in class-wp-http-proxy.php and it appears the authentication connects the username with a : and then the password like the http(s)_proxy environment variable. I’ve tried local host for the bypass and an empty string. Our Windows domain uses an file; is there a place to specify this?

    I get the same proxy authentication errors trying to download anything from the internal wordpress site.

    Error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /var/www/epkb.mw-process-ctrl.com/public_html/wp-admin/includes/plugin-install.php on line 168

    I’m also having an issue with php’s file_get_contents if that’s something wordpress uses. cURL works fine.

    Any ideas?

    Thanks

      • I have curl installed.

        It lists ipV6 as yes but I have ipV6 disabled since our network doesn’t support it.

        I think the problem is authenticating with our proxy. On the server I use:

        (the \ is escaped when setting the env variables). Above is my wp-content proxy settings.

        I’m using ufw for my firewall and have tried with it enabled & disabled with the same results.

        Any other ideas?

        Thanks

    • Hey Jon,

      Yes, they are effectively immediately. However, if you are editing wp-config file in a text editor on your computer, then simply saving your changes may not change the wp-config.php file on your server. You will need to upload the changed wp-config.php file back to your server for changes to take effect.

      Admin

      • What’s the best way to upload the changed wp-config.php file back to the server?

        Can the tutorial be updated with how to upload the adjusted config file? The tutorial seems to be incomplete for the (relative) novice

  12. I did something silly , i removed the www part from wp site url under Setting-General . Now admin panel is getting redirected to wordpress one. i used your steps to copy both lines with modification and uploaded via ftp . No luck .Plz help

  13. Excellent post. I am a newbie and learned a lot.

    I have an issue with my site. It looks like I have been hacked. I ran WordFence scan and it caught a line of code in my wp-config.php file that it flagged as not belonging there. Following is the code:

    My question is this. Can I remove the "@include…" from the file without screwing up the .php file.

    Any guidance will be appreciated.

    • Hi Boris,

      Is the file part of the core WordPress software, a plugin, or a theme? If yes, then download a fresh copy of WordPress core, plugins, or theme the file belongs to and then upload the new file.

      You can also download the file to your computer before editing the code as a backup. If anything goes wrong you can then upload it back.

      Admin

  14. I’m having problems accessing site. I debugged and am getting a list of problems but most seem to come back to this one:

    “Notice: get_settings is deprecated since version 2.1.0!
    Use get_option() instead. in /usr/local/pem/vhosts/xxxxxx/webspace/siteapps/WordPress-xxxxx/htdocs/wp-includes/functions.php on line 3752″

    But line 3752 reads:
    ” trigger_error( sprintf( __(‘%1$s is deprecated since version %2$s! Use %3$s instead.’), $function, $version, $replacement ) ); ”

    So i’ve no idea what to replace. I’m sure this is 101 stuff to you, but I’m really confused!! I would really appreciate your advice, thank you.

    • Found your section on disabling plugins – which was a great help as the the site is now viewable whilst I try to resolve. This is the message I see now when logged in WP Admin

      ” Catchable fatal error: Argument 1 passed to Genesis_Admin_CPT_Archive_Settings::__construct() must be an instance of stdClass, instance of WP_Post_Type given, called in /usr/local/pem/vhosts/xxxxxx/webspace/siteapps/WordPress-xxxxxx/htdocs/wp-content/themes/genesis/lib/admin/menu.php on line 122 and defined in /usr/local/pem/vhosts/xxxxxx/webspace/siteapps/WordPress-xxxxxx/htdocs/wp-content/themes/genesis/lib/admin/cpt-archive-settings.php on line 38 ”

      Am in a spot of bother and could really use your help – thank you!

      • Hey Steph,

        Try updating your Genesis child theme. Connect to your website using FTP and download your child theme as a backup. After that delete child theme folder from your website.

        Next, download a fresh copy of the theme and install it. If this doesn’t work, then try updating Genesis core itself.

        Admin

  15. Hi,
    I did something silly and now can’t get my site to work. Basically I kept my site live at said URL example.com and created a folder where I built the WordPress site example.com/Wordpress. However when I went to put the wordpress site into the root folder after backing everything up I forgot to change the site URL in the dashboard. i basically then removed my entire site and copied everything from the wordpress site into the root URL. It didn’t work – so I thought I would remove everything and restore my site as it was with both the wordpress and the normal site working.

    However once I restored all the files the wordpress site now errors with 404 Page not found and I can’t login into the dashboard either.

    Any idea how I can restore this? I think it is looking in the root directory and WordPress folder for the site or something similar and it’s causing the error – but how do I fix it?

    Thanks
    Sean

    • Hi Sean,

      You can update WordPress URLs by adding this code to your wp-config.php file:

      define('WP_HOME','http://example.com');
      define('WP_SITEURL','http://example.com');

      Admin

  16. Hello i would like to have it when i upload an image it gets uploaded to my cloud from wordpress.
    i got a url & api key.
    Any suggestions would be cool. thanks.

  17. Nice instructions, as far as they go. However, I know it is ALSO possible to edit wp-config.php directly through WordPress’ Admin area but it seems to be a closely guarded secret as to HOW to actually do this. I do not have FTP access to my site so I have to use some other method and I’d rather not go chasing down the rabbit hole of trying out various flaky plugins until I find one that actually works. Your assistance as to what menu drill-down to explore in WordPress Admin would be greatly appreciated.

    • It is not a good idea to edit wp-config.php file inside WordPress admin area. One tiny mistake and you will be locked out of your WordPress site. If you do not have FTP access, you can try editing it via cPanel’s file manager.

      Admin

  18. I don’t want to sound stupid, but please help me understand… are the wp-config.php changes supposed to be made on my Mac or on the host for my website. They are two different machines.
    Please help! I keep making changes to my web site and all of a sudden they just do not ‘take’.
    Best regards,
    Angela

    • You can make changes to wp-config.php file using an FTP client. It allows you to edit files on your web server. After connecting to your website using an FTP client, you need to locate wp-config.php file and download it to your computer. Make changes it to it using a text editor like TextEdit. Save your changes and then upload the file back to your web server using the FTP client.

      Admin

  19. Ok, so I added define(‘WP_ALLOW_REPAIR’, true); to my downloaded wp config file with notepad. Now what?

    • Once you have done that, you can see the settings by visiting this URL on your blog:

      yoursite.com/wp-admin/maint/repair.php

      You have 2 buttons
      1st – Repair Database
      2nd – Repair and Optimize Database

      I suggest u click the 1st one and wait for the process to finish.

  20. Hi,

    For security I add to my .htaccess

    <files wp-config.php>
    order allow,deny
    deny from all
    </files>

    Kind regards

Leave a Reply to Angela Cancel reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.