How to properly configure your wp config/wp-config

So you got your WordPress website setup but do you have it optimized or secured? Is your wp config/wp-config done right?

Most of what is in this doesn’t require you to have root access (also known as administrator in the Windows world) or even much knowledge about programming for that matter.

All you will need to do to accomplish this is copy the code below and replace the sections with the <> with your information and you will be set to go.

If you don’t have a development environment or even know what that is then don’t worry about the ‘local’ section.

Now I did find this config example in github and I have sense made minor tweaks here and there. Finding it sense on Google has been near impossible.

// The Main Switch:
define('CURRENT_SERVER','live'); // Set for Production

/*  ------------------------ YOUR SERVER CONFIGURATIONS --------------------- */


case 'local': // Mainly used for Development
		define('WP_DEBUG', true);
		define('SAVEQUERIES', false);
		define('WP_DEBUG_LOG', false);
		define('WP_DEBUG_DISPLAY', true);
			The SAVEQUERIES definition saves the database queries to an array to help analyze those queries.
			See on how to use it.
		define( 'SCRIPT_DEBUG', true );
		define( 'CONCATENATE_SCRIPTS', false );
		define('DB_NAME', <DBNAME>);
		define('DB_USER', <DBUSER>);
		define('DB_HOST', 'localhost');
		// DOMAIN &amp; URL
		define('PROTOCOL', 'http://');
		define('DOMAIN_NAME', '');
		define('PATH_TO_WP', '/'); // if your WordPress is in a subdirectory.
		define('WP_HOME', WP_SITEURL . PATH_TO_WP); // root of your WordPress install
case 'live':
		define('WP_DEBUG', false);
		define('SAVEQUERIES', false);
		define( 'SCRIPT_DEBUG', false);
		// log errors in a file (wp-content/debug.log), don't show them to end-users.
		define('WP_DEBUG_LOG', true);
		define('WP_DEBUG_DISPLAY', false);
		/* Compression */
		define( 'COMPRESS_CSS',        true );
		define( 'COMPRESS_SCRIPTS',    true );
		define( 'CONCATENATE_SCRIPTS', true );
		define( 'ENFORCE_GZIP',        true );
		define('DB_NAME', <DBNAME>);
		define('DB_USER', <DBUSER>);
		define('DB_HOST', 'localhost');
		define( 'DB_CHARSET', 'utf8mb4' );
		define( 'DB_COLLATE', '' );
		define('FS_METHOD', 'direct');
		// DOMAIN &amp; URL
		define('PROTOCOL', 'https://');
		define('PATH_TO_WP', '/'); // if your WordPress is in a subdirectory.
		define('WP_HOME', WP_SITEURL . PATH_TO_WP); // root of your WordPress install
		// Using subdomains to serve static content (CDN) ? 
		// To prevent WordPress cookies from being sent with each request to static content on your subdomain, set the cookie domain to your non-static domain only.
		// FTP: On some webhosting configurations, WordPress automatic updates fail. Try the FTP method. If still a no-go, see: for alternative methods. */
		define('FS_METHOD', 'ftpext');
		define('FTP_USER', 'YOUR FTP LOGIN');
		define('FTP_HOST', 'YOUR FTP HOST (without http:// or ftp://)');
		define('FTP_SSL', false);

/*  ------------------------ SETTINGS COMMON TO ALL SERVERS  --------------------- */

define('TABLE_PREFIX', <YOUR_PREFIX>);  // Something else than the default wp_. Only numbers, letters, and underscores.
define('WP_POST_REVISIONS', 5 ); // How many revisions to keep at max.
define('AUTOSAVE_INTERVAL', 120); // in seconds
define('EMPTY_TRASH_DAYS', 7); // in days (use 0 to disable trash)

// WORDPRESS' LANGUAGE _ Default is 'en_EN'
define('WPLANG', 'en_EN');

define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');

define('WP_ALLOW_REPAIR', false); // Set to true to have WP repairs its database tables, refresh page, set back to false.

// make it less obvious that your site is using wordpress.

// rename wp-content folder
// define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/wp-content' );
// define( 'WP_CONTENT_URL', WP_SITEURL.'/wp-content');

// rename uploads folder
// define( 'UPLOADS', '/wp-content/uploads' );

// rename plugins folder
// define( 'WP_PLUGIN_DIR', dirname(__FILE__)  . '/wp-content/plugins' );
// define( 'WP_PLUGIN_URL', WP_SITEURL.'/wp-content/plugins');

// You cannot move the Themes folder, but your can register an additional theme directory
// register_theme_directory( dirname( __FILE__ ) . '/themes-dev' );

// Prevent users from editing themes and plugins via the UI
define( 'DISALLOW_FILE_MODS', false ); // Warning: this hides access to "add new plugins" functionality
define( 'DISALLOW_FILE_EDIT', true );

// Cron system
define( 'DISABLE_WP_CRON', true ); // If you can, disable wp_cron: use a real cronjob to trigger /wp-cron.php

// SSL
if (PROTOCOL === 'https://'){
	define( 'FORCE_SSL_LOGIN', true );
	define( 'FORCE_SSL_ADMIN', true );

// If you don't plan to post via email, decrease this
define('WP_MAIL_INTERVAL', 86400); // 1 day (instead of 5 minutes)

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define( 'AUTH_KEY',         <REPLACE> );
define( 'SECURE_AUTH_KEY',  <REPLACE> );
define( 'LOGGED_IN_KEY',    <REPLACE> );
define( 'NONCE_KEY',        <REPLACE> );
define( 'AUTH_SALT',        <REPLACE> );
define( 'LOGGED_IN_SALT',   <REPLACE> );
define( 'NONCE_SALT',       <REPLACE> );

/*  ------------------------  MULTISITE MODE  --------------------- */

define( 'WP_ALLOW_MULTISITE', true ); // Enable multisite mode. 
define('SUBDOMAIN_INSTALL', false); //  Leave false to use subdirectories
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);

// Must-use Plugins. These plugins are loaded by default before any other plugins.
// define( 'WPMU_PLUGIN_DIR', dirname(__FILE__) . '/extensions/builtin' );
// define( 'WPMU_PLUGIN_URL', '' );

// Where to redirect users stumbling on a 404 website
define( 'NOBLOGREDIRECT', '' );


/*  ------------------------ OTHER CONSTANTS YOU COULD NEED  --------------------- */

/* IF YOU ARE DOING AJAX, This line tells WordPress to load as little as possible */
// define( 'SHORTINIT', true );

define('WP_MEMORY_LIMIT', '128M');
define('WP_MAX_MEMORY_LIMIT', '256M');  // Admin area specifically

//define('WP_DEFAULT_THEME', 'twentyeleven'); // Custom Default Theme

// Custom Database Table for Users
//define( 'CUSTOM_USER_TABLE', $table_prefix.'peeps' );
//define( 'CUSTOM_USER_META_TABLE', $table_prefix.'peepmeta' );

// More Cron
//define( 'WP_CRON_LOCK_TIMEOUT', 120 ); // cron repeat interval
//define( 'ALTERNATE_WP_CRON', true ); // Issues with cron? Try this setting as a last resort.

// Auto-updates
//define( 'AUTOMATIC_UPDATER_DISABLED', true );  // Disable all automatic updates
//define( 'WP_AUTO_UPDATE_CORE', false ); // Disable all core updates
//define( 'WP_AUTO_UPDATE_CORE', true ); // Enable all core updates, including minor and major
//define( 'WP_AUTO_UPDATE_CORE', 'minor' ); // Enable core updates for minor releases (default)
//define( 'DO_NOT_UPGRADE_GLOBAL_TABLES', true ); // Disable DB Tables auto-update

/*  -------------------------- STOP EDITING PAST THIS POINT  --------------------- */
$table_prefix = TABLE_PREFIX;

// Adapt your servers to the chosen locale.
setlocale(LC_ALL, WPLANG);

// For compatibility with old plugins
if (defined('WP_PLUGIN_DIR')) define( 'PLUGINDIR',  WP_PLUGIN_DIR );

/** Absolute path to WordPress. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . PATH_TO_WP);
require_once(ABSPATH . 'wp-settings.php');

Note: if you only have shared hosting you might want to lower the following lines:

define('WP_MEMORY_LIMIT', '128M');
define('WP_MAX_MEMORY_LIMIT', '256M');  // Admin area specifically

The rest of it you can leave except for updating the <> stuff to match yours.

Now if you are doing Multisite or stuff like that you need to uncomment those sections, but leave that to your developers of course unless you want to learn. 🙂

Do you have any tweaks to the wp config/wp-config that you like to do?

How to extend Angular 2 HTTP Service with Factories

Recently I had an issue where I needed to add a JWT Token to the header of my API calls with Angular2 and with me practicing T-DRY, I had to figure out a way to do it.
I searched and searched and found almost nothing. I did however find a way to build a factory to do it and then noticed that there is hardly any documentation and hardly any resources about it. So I figured it would be helpful to others if I added it here.

Read more