Customization WordPress before installation

Few people know that some customization WordPress you can make before its installation. It is enough to add a few lines in the file wp-config.php. The proposed settings can enhance the safety and convenience of working with WordPress, as well as reduce the burden on database.

Customization WordPress security

Database prefix

If WordPress (or some plugin) have a security flaw known as “SQL injection”, evilminded can be easily use the default prefixes. They can be change or delete your WordPress database. However, if you have a different table prefix than the default (wp_), they must be to know that prefix, right?

While setting up a new website, either change the default value. You can do this WordPress customization on the installation page or in the wp-config.php file, change the line below:

$table_prefix = 'wooh00yeah_';

Beware: If you want to make this work in an existing WordPress site, dont need just change the prefix on the wp-config.php file. Because in this case you’ll can get database connection errors. You should use a plugin for that to change the wp-config.php file AND the database tables AND some specific values inside those tables. I recommend the DB Prefix Change plugin.

Security Keys

One of the most relevant precautions for WordPress – it is the replacement of security keys on a random values. Find in your file wp-config.php this lines

define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');

Then open https://api.wordpress.org/secret-key/1.1/salt/. Copy the generated keys and insert them instead of the default. Beware: can`t to make this customization in an existing WordPress site, it must be do before installation.

Editing files

WordPress default allows edit files of plug-ins or templates from the admin panel.
And if you have access to a panel of several people, respectively, increases the chance of breaking the site.
To disable the ability to edit files add in wp-config.php the following line:

define('DISALLOW_FILE_EDIT',true);

Customization WordPress database

Following 3 lines can keep around 20% of your wp_post table. Your database will be happy and I think, this customization must be before each WordPress installation.

The revisions feature for posts is enabled by default, but can lead to significant database bloat. Revisions are there so you can revert to a previous version of a post if you need to. If you don’t plan on using revisions to check the “earlier versions” of your posts, you definitely should disable this feature. Jast add the following line to the wp-config.php file:

define('WP_POST_REVISIONS', false );

However, if you’re fine with revisions but you’re not going to benefit from unlimited copies of your edited posts, you can limit the maximum number of revisions for each posts with this line of code:

define('WP_POST_REVISIONS', 2 );

If you sometimes work on your post for 4 hours, you might find it annoying that WordPress automatically saves the state of your post every 60 seconds. I’ll give credit that it’s not a bad thing but sometimes it’s really, really annoying. Anyways, if you want to set the autosave interval to a higher value, you can do it by defining it in the wp-config.php file like this:

define('AUTOSAVE_INTERVAL', 240 );

And about those, who have installed WordPress. The only thing that would be difficult to change – only $table_prefix. All other settings and customization in WordPress can be done after installation. You can do it right now.

If you have any questions – welcome to comments, certainly I`ll glad to see it and help. If you have a custom built solution(s) or you don`t have expirience in WordPress, maybe will need to reaching to WordPress Freelancer.