Dissecting the WordPress 5 Minute Install (Part 4)
The Famous WordPress 5-Minute Install:
Edit Config File
“With our famous 5-minute installation, setting up WordPress for the first time is simple.”
This is the fourth article in the Dissecting the WordPress 5 Minute Install article series. Read more:
- WordPress 5 Minute Install: Before You Begin
- WordPress 5 Minute Install: Creating Databases
- WordPress 5 Minute Install: Rename Config File
This series reveals what all the mumble, jumble and jargon within the WordPress.org codex sounds like from a beginner’s perspective. We methodically pick apart the WordPress 5 Minute Install process to study it and explain what it means. Our goal is to guide beginners to a point where they will actually be able to use the WordPress 5 minute install handy guide.
The WordPress 5 Minute Install Step 4
What it means for beginners:
Beginners are extremely hesitant when it comes to opening and editing files. They are terrified that they are going to break something and then have absolutely no way of getting it back.
Have no fear all you beginners! At this point in the game there is not a lot you can do that cannot be undone. You simply have not yet accidentally deleted enough files. Trust me, there comes a time not to far from now when you will experience the thrill of knowing where to go to get the file just deleted by accident and be able to grab a new one to try again.
Right now, your WordPress files are just files. They are all the same as anyone else who is at this point in the WordPress 5 minute install. Everyone’s files are exactly the same. This is your first big clue to being able to replace a file should it not work and be able to begin again. Seriously… what is the worst that can happen? So what if you accidentally delete a file?
Don’t sweat it. You know this. You know that you can download another zip file of the WordPress files. You know how to open the zip file. You know how to change the name of the wp-config.php file. You already have all the tools and experience to get you back to right where you are, when and if something catastrophic happens.
By now, you should have downloaded and installed your text editor on your computer. Here is the list of the text editors mentioned in earlier steps, NotePad++ (Windows), TextWrangler (Mac), Sublime Text 2 (Windows & Mac) and Coda 2 (Mac). Once installed your text editor will show up in the right place and at the right time. We don’t even need to open it. It will open on its own in a moment.
The other information that we need for this step is your database information. This was the full database name (our store), the full username and a strong password that we made sure to make note of and set aside just a bit ago. Have the database information available
So lets jump in and get started with editing our wp-config.php (config) file.
- Find your config.php file on your computer.
If you have not moved it, it is likely still in your downloads folder and inside the wordpress folder. You can look for it and recognize it using the process we used in step 3 when we renamed the config file. Once you have located your file:
- Right click on the config.php file
- Look for “Open With” when the menu box opens
- Move your cursor over the “Open With”. Once there, another menu will open.
- In the second menu that opens, look for the name of your text editor
- Click on the name of your text editor
Wait for the program to open. You may get a warning that says that you had downloaded this from the internet and verifying that you do want to open it. WordPress.org files are safe to open. Their files are carefully monitored for all those dangerous things that you used to be afraid of.
The config.php file is probably the most important file of all the WordPress files. Why? Because this file is the file that serves as the gatekeeper between where the database lives on your server and where your files will live on your server. Right now, it is still just a file. It does not have a home. It is not connected to anything and can not function until it is placed in a very specific location, at home, on your server. (Another reason not to worry about breaking it).
1.6 million WordPress Superheroes read and trust our blog. Join them and get daily posts delivered to your inbox - free!
Once the file opens in the text editor, you will probably not be able to understand very much of it – you do not need to. And yes, this is code. (Breathe! Deep breath and release.) OK. So, this is code. Lets really take a closer look at what appears to be a big scary beast. I assure you, it is not a big scary beast, just some simple logical statements once you know what to look for. Look for:
// ** MySQL settings – You can get this info from your web host ** //
If your text editor includes line numbers, it should be somewhere near line 17. If your editor does not have line number, no worries. Simply look for the double forward slant. The area you are looking should look very similar to the image below.
Look for these three things in your wp-config.php file:
We are going to edit these three areas.
NOTE: When you edit your file, be sure to leave the single quotes around your information.
The highlighting you see in the image below is for illustration purposes only. Your wp-config.php file will not show the highlight.
- copy and paste in your full database name
- copy and paste in your full username
- copy and paste in your strong password
Once the data is in place and you verify that it is correct.
- save your file
The remaining edits to our wp-config.php file, although optional, are HIGHLY recommended. Technically this is all you have to do in this step. In fact, many of the one click WordPress installs will stop here and continue directly to the next step.
The WordPress 5 minute install handy guide however, includes a bit more.
Beginner Tips for the WordPress 5 minute Install
The final edit is your first opportunity to add a basic, but added layer of security to protecting your website.
All sites are vulnerable and have a degree of a security risk. A site can only be as secure as you make it. Making a site as secure as possible is about preventative maintenance and eliminating the opportunity of a breach.
a breach. So, when increasing our security is a simple edit, then we might as well take advantage of it and add it now.
For the enhanced security of the WordPress 5 minute install, we are required to use keys. The WordPress 5 minute install also recommends using salts. It is very easy to add Salt keys.
- Scroll down a bit in your editor look for:
* Authentication Unique Keys and Salts.
You can find authentication information in your wp-config.php file somewhere around line 37. It should look very similar to the example image below.
Note in the image above, you can see a block of code containing 8 define’s on line 45 though and including line 52. This block of define’s is what we are going to replace your wp-config.php file. But first we need to grab the code to put in its place.
To get the required code:
When you click the link, a new window or tab will open and will see nothing but a bunch of numbers . These are unique numbers every time someone lands on this page. The sequences of number change each time. (Go ahead and refresh that window and you will see them change again.)
- Select and then copy the entire block of numbers starting before the first “define” and ending after the last row and the last semi-colon.
- Paste these numbers over the top of the area of your wp-config.php that has the block of define’s.
- Save your file.
You have just edited your first code and completed Step 4 of the WordPress 5 minute install.
Extra Security Tip:
For an easy to add security measure change the default WordPress Database Table prefix. All WordPress website installation use wp_ as a database table prefix. Changing this database prefix adds security by making your site one step more difficult to break into than the individuals who fail to change this default prefix.
- replace the wp (blue in the image above) of the ‘wp_’ with your choice of table prefix.
Your database table prefix can be more than 2 letters. You may choose whatever you like. By keeping the underscore there, you will make it easier for yourself (or your web developer) when and if you ever need to work within the database.