Jofil Inoc Baring

3 minute read

Wordpress Tutorial

Introduction

As a web developer I often deal with wordpress clients wanting to build, change or migrating their websites to a different platform. There are times, you deal with different environment on setting up your configurations.

The following are my must have on my configurations:

1. DB_NAME, DB_USER, DB_PASSWORD, DB_HOST

The database information. This enable us to connect to our database.

2. WP_SITEURL, WP_HOME

The URL of your site. Defining this constants would make your life easier especially when you are trying to debug your changes in your development environment. You don’t have to look into the wp_options table. Change it in your code and commit your changes. It will then applied into your site. No need to get to your database.

3. WP_POST_REVISIONS

If you don’t want to bloat your database for every revisions made when you save your post. Turning this off, your posts will not be revisioned. This is only applied to newly save posts though. Old revisions will stays as is within your database. You can remove them using mysql and search for post_type=revisions.

4. DISALLOW_FILE_EDIT

There are times, when you have more contributors, you just want to limit their capability. One of them is disabling file edit within wp-admin. Leaving you full control on the editing of your files. This could enhance security to your site. We might not know what your users been doing into your site. ;-)

5. UPLOADS

The uploads directory contant. I never knew the importance on this one until I migrate a Godaddy website into Amazon Lightsail. Wondering why my users won’t able to upload their media. Even giving them write permissions within the filesystem. The culprit is this one is set by Godaddy. You should always check this one to avoid this errors. Settings - Media - Store uploads into this folder

6. FS_METHOD

Tired of filling the ftp credentials when uploading or updating your themes or plugins and it fails? You might need to enable this in here. Setting the value to direct would seamlessly uploads and updates your site.

Conclusion

I know there are many ways to handle your configuration and how to secure your site. This is how I usually set my configuration. How you do it? Share it to everybody.

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
*/

/** MySQL settings - You can get this info from your web host
 * MySQL database name
 * MySQL database username
 * MySQL database password
 * MySQL database hostname
 */
if (in_array($_SERVER['SERVER_NAME'], array('www.inoc.me', 'inoc.me'))) {
    /** Production Configuration */
    define('DB_NAME',     'inoc');
    define('DB_USER',     'inoc');
    define('DB_PASSWORD', 'password');
    define('DB_HOST',     'localhost');
    define('WP_HOME',     'https://inoc.me');
    define('WP_SITEURL',  'https://inoc.me');
} else {
    /* Development Configuration */
    define('DB_NAME',     'inoc');
    define('DB_USER',     'inoc');
    define('DB_PASSWORD', 'password');
    define('DB_HOST',     'localhost');
    define('WP_HOME',     'http://inoc.app');
    define('WP_SITEURL',  'http://inoc.app');
}

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/** Disable post revision. */
define('WP_POST_REVISIONS', false);

/** Disable theme and plugin editing. */
define('DISALLOW_FILE_EDIT', true);

/** Uploads folder. (Optional) */
define('UPLOADS', '/wp-content/uploads/');

/** Filesystem Method. */
define('FS_METHOD', 'direct');

...

References: https://codex.wordpress.org/Editing_wp-config.php

comments powered by Disqus