Useful Configuration Tweaks for wp-config.php

wp-config.php is where you set up the most important settings

wp-config.php (as you may guess from the name) is a configuration file that allows you to define all the important settings for WordPress. When you first install WordPress, you’ll upload the default wp-config-sample.php, which you’ll need to modify and rename. From then on, you can go on editing wp-config.php.

Keep wp-config.php secure

There’s two ways of achieving this – you can either move the wp-config.php file out of your public_html folder, into your hosting’s main root folder above public_html. This way, it’s out of reach to the public. Alternatively, you can use .htaccess to deny access to it. This involves pasting the following into .htaccess:

The important tweaks

Most of the important setup information that goes in wp-config.php I have covered in other tutorials, so I’m going to link you to those tutorials in case you haven’t set those things up yet:

The personalised tweaks

Beyond the important tweaks above, you have a bunch of other tweaks that are more like personalised options, that will dictate how your site should be run, particularly behind the scenes.

Set your homepage

You can override values set in your General Settings by defining the Site URL and the Blog URL in wp-config.php. Use the following definitions:

Change Autosave Interval

By default, WordPress saves your progress every 60 seconds, but you can change that using this definition, where the value is in seconds:

Configure Post Revisions

WordPress allows you to keep the last several copies of a WordPress post, so that if you make a mistake, you can revert to an older version. You can either disable this feature (to reduce your database size) or set the maximum number of versions WordPress should keep:

Debug mode

If you’re experiencing issues with your site, or you’re developing a plugin or theme, you might find it useful to turn on the debug mode, to highlight any issues. It defaults to false, so you only need to specify it if you want to use it:

Increase PHP Memory Limits

A frequent issue that some WordPress users encounter is that they run out of PHP memory when doing memory intensive tasks. You can define a memory limit for WordPress using the following definition, changing the value to your preferred maximum limit:

Change the Language WordPress Uses

Sprechen Sie Deutsch? ¿Hablas español? If English isn’t your first language, you can set a different language for WordPress to use. Use one of these language codes and define it in wp-config.php:

The .mo file will need to exist in wp-content/languages for this to work. If it’s somewhere else, you can define the folder that the language file is in:

Override default permissions

If your host is setting your file permissions too restrictive, or you just need to change them from the WordPress default, you can define what they should be for files and directories with these definitions (these are the recommended settings by the way):

Specify FTP and SSH information

Depending on your host’s setup, WordPress may ask you for FTP information whenever you try and update/upload something. or you may just prefer to use SSH instead of FTP. So you can use all of the following definitions to define, in order:

  1. FileSystem Method – either direct, ssh2, ftpext or ftpsockets
  2. FTP Base – where your WordPress installation is located
  3. Content Directory – set the location of your wp-content folder
  4. Plugin Directory – set the location of your plugins folder
  5. Public Key – the location of your SSH public key
  6. Private Key – the location of your SSH private key
  7. FTP User – the FTP or SSH username
  8. FTP Pass – the password associated with the FTP User (not needed for SSH public key authentication)
  9. FTP Host – the host and port of your FTP/SSH server (FTP port defaults to 21 and SSH to 22 if not specified)
  10. FTP SSL – use SFTP, if supported by your server

Take the Trash Out

By default, WordPress permanently deletes any post marked as trash after 30 days, but you can specify the number of days it should wait before doing this. Alternatively, you can disable the trash feature, by setting the duration to 0.

Allow Database Repairs

WordPress has a built-in feature that enables automatic database repair in case the database gets corrupted. If you encounter problems with your database, try setting this definition:

Limit Plugin/Theme edits and installations

If you want to remove the ability for users to install or edit themes or plugins, you can use the following definitions to take care of that. The first will disable the editors, but still allow installations and updates of themes/plugins, whereas the second definition will disable all of these functions:

There’s a few more definitions that you can set, but they’re much more obscure and chances are that you won’t need them. Have you tricked out your wp-config.php file now? And perhaps more importantly, have you secured it?

11 thoughts on “Useful Configuration Tweaks for wp-config.php”

  1. Paul Salmon says:

    I think out of all of the above tweaks, the WP_MEMORY_LIMIT option is probably the most used as people run into the out of memory errors once they start loading plugins and large themes.

  2. My favorite is DISALLOW_FILE_MODS. I usually enable it along with “WP Updates Notifier” so that plugins are updated manually on regular intervals.

  3. Thanks Dave! exactly what I was searching for.. all the important wpconfig.php tweaks in a nutshell.. really useful.. thanks a lot!!

  4. Carsten says:

    Hi Dave, this is a great ressource. I’m looking for wp-config.php tweaks since 2 years now, and yours is the best list, I’ve found since now. Thank you.

    One thing in addition:

    * Make WordPress core updates ONLY update the core
    * without Akismet & Hello Dolly
    define( ‘CORE_UPGRADE_SKIP_NEW_BUNDLED’, true);

    1. Oooh, I’d never heard of that one before. I haven’t tried it, but if it works, that would be a nice little tweak. I hate having to delete Hello Dolly every time I update WordPress!

  5. Melissa says:

    I put define(‘DISALLOW_FILE_MODS’,true); in my functions.php and now I can’t access the plugin or theme editor, can’t add new plugins or even access the settings of some plugins. Is there a way to fix this? I can’t find anything on the internet and I’m getting no help from WordPress support. Any help would be much appreciated!

    1. You’ll need to access your functions.php file from either FTP or your host’s file manager.

  6. Cat Scholz says:

    Do you know how to fix this problem:

    I added:

    define( ‘DISALLOW_FILE_EDIT’, true );

    to wp-config.php and then when I deleted it, the plugins did not come back.

    I tried changing them to:


    but that did not work.

    Any clues? Thanks.

    1. Maybe it’s a caching issue? Deleting those lines should absolutely bring the editors back, assuming you are logging in with an account that has the permissions to use them. Also bear in mind that if you’re on Multisite, they appear in Network Admin and not in individual site dashboards.

      1. Cat Scholz says:

        Thanks Dave –

        I’ve done the following and no success with being able to add plugins:

        – logged out and in
        – cleared my browser cache and cookies
        – added define(‘DISALLOW_FILE_MODS’,false); to wp-config.php, logged out and in

        Also, I see that there is no caching plugin installed, no caching directive in wp-config.php and no folder called /cache/ in wp-content to clear.

        Dreamhost support said I would probably need to reintall WordPress (ouch).

        Any other ideas? Add a caching statement to wp-config.php?

        Thank you much!


        1. I would just delete the DISALLOW rules from wp-config.php. I wouldn’t listen to Dreamhost: makes no sense to reinstall WordPress. You’re not running Multisite right? Beyond that, without taking a look, I couldn’t offer up anything else.

Leave a Reply