Saw an interesting blog post on Twitter today about storing WordPress FTP information in wp-config.php. The article was written in German so I sent the author an email to ask if he’d mind me translating it. Phil, the author, very kindly said yes – so my translation is below.

Since the addition of the automatic updates in the WordPress core became available, there has been the possibility of FTP data in the backend. Then you can get both plugins and the core by clicking on the date. However WordPress then stores the login information in the blog database. This can be a potential security issue. If someone were to gain access to your database then they would also have access to your entire server. One way of reducing the risk is to use the approach outlined below.

Editing wp-config.php

Access

The wp-config.php file can be used to define constant values so that the usage of a database can be removed. This makes the database smaller, and so improves site performance. For the FTP access the constants are as follows and should be added to the bottom of your wp-config.php file:

define('FTP_HOST', 'ftp.example.org');
define('FTP_HOST', 'ftp.example.org:2121');
define('FTP_USER', 'username'); 
define('FTP_PASS', 'password');

Secure Connection

For a secure connection add the following line (default: false):

define('FTP_SSL', true);

Directories

If the WordPress installation is not in the root directory of the FTP server you can define the location as follows:

define('FTP_BASE','...');

Have you moved the plugin directory or all of the content folder? You can also specify the full path using these two constants:

define('FTP_CONTENT_DIR', '...');

define('FTP_PLUGIN_DIR', '...');

Method

Finally, you can also adjust the method to be used by WordPress for the file system. This often hides errors if something goes wrong with the file permissions. You should only change this value if errors occur, most of the time the default will work just fine.

define('FS_METHOD', 'direct');

The following methods are possible:

  • direct (default) – PHP file system functions
  • ssh – SSH PHP Extension
  • ftpext – FTP PHP Extension
  • ftpsockets – PHP socket extension

The constants FTP_PUBKEY, FTP_PRIKEY display the paths to the SSH public key and private key SSH specify.

Delete existing data

If you’re unsure whether access data already stored on WordPress, you can search the WordPress options in the database using the following page on your website:

http://example.org/wp-admin/options.php

There you should search for the entry: ftp_credentials

If this is present, you have already stored the FTP data in your database. You can delete it by simply removing the value in the ftp_credentials field on the options page, then scrolling to the bottom, and pressing save. You should be very careful doing this though as there is potential for your website to be broken when doing this.

More information

Further Information can be in the WordPress Codex:

Easy WordPress Updates: Store FTP Info in wp-config.php的更多相关文章

  1. Automatic WordPress Updates Using FTP/FTPS or SSH

    Introduction When working with WordPress in a more secure environment where websites are not entirel ...

  2. Install WordPress Plugins without FTP Access

    WordPress will only prompt you for your FTP connection information while trying to install plugins o ...

  3. WordPress主题制作教程[壹] - 了解WP&结构&索引

    最近开始筹备WordPress主题开发了.首先我们在此章节中进行了解什么是WP,以及WP的结构.通过这个文章索引到以后所写的WP系列教程. (抱歉,大家不要急,持续更新中....) 1.首先,我们来认 ...

  4. 关于wordpress中的contact form7和WP Mail SMTP的一些设置

    昨天帮客户解决了这个问题  折腾了好几个小时  下面说下流程 先配置的  wp mail smtp 如果配置完毕后  就可以使用里面配置的邮件   放到contact form7 中的 发件人中 1 ...

  5. Core - Provide an easy way to store administrator and user model differences in a custom store (e.g., in a database)

    https://www.devexpress.com/Support/Center/Question/Details/S32444/core-provide-an-easy-way-to-store- ...

  6. 【WordPress】CentOS 6.10 测试WP发送邮件失败

    1.错误信息如下: SMTP -> ERROR: Failed to connect to server: Permission denied (13) 2.解决方法: https://gist ...

  7. 解决升级WordPress及插件需输入FTP账号的问题

    当添加,删除,升级 WordPress 插件或者直接升级 WordPress 的时候,WordPress 总是提示让你输入 FTP 帐号信息,非些烦人. 我们可以在 wp-config.php 中定义 ...

  8. 五种WordPress防止垃圾评论方法-过滤垃圾评论提高WP运行效率

    WordPress貌似和垃圾评论是一对“孪生兄弟”,无论在国内还是国外的空间主机上搭建的Wordpress博客,无论Wordpress有多少流量多么低的权重,垃圾评论都会自动找上门来,假如有好几天没有 ...

  9. wordpress常用插件汇总

    WordPress之所以能成为目前最具人气的独立博客程序,除了无数爱好者为它开发的主题外,源源不断的插件支持也是重要的原因之一.wordpress的强大,也是在于无数爱好者源源不断的主题和插件. wo ...

随机推荐

  1. style一张图--openlayers

  2. 【小程序开发】上拉加载更多demo

    wxml: <scroll-view class='swiper-scroll' scroll-y="{{true}}" bindscrolltolower="lo ...

  3. ggplot2使用初探

    ggplot2已经成为了R语言中数据可视化的同义词, 这是一个强大的工具, 可以帮助我们制作优良的图表, 创造出令人吃惊的图片, 下面我们一起学习(本博文参考了知乎问题如何使用 ggplot2中黄宝臣 ...

  4. Linux sudo 配置

    1.配置sudo权限 sudo配置信息保存在 /etc/sudoers 文件中,可以使用vi修改.但使用vi修改需要给root用户设置权限,可以使用 visudo 直接修改. visudo 复制这行将 ...

  5. CF401D 【Roman and Numbers】

    题意将n(n<=10^18)的各位数字重新排列(不允许有前导零)  求  可以构造几个mod m等于0的数字解法状压f[S][k] 表示选用的位数集合为S,mod m 为k的方案数注意不能有前导 ...

  6. C压缩字符串中的空格

    使用纯C语言,去除一个字符串开头和结尾的空格,内部若有连续空格只保留一个.  C Code  12345678910111213141516171819202122232425262728293031 ...

  7. Git missing in VS Code – No source control providers

    解决办法:管理->设置->搜索[git.enabled]和[git.path],分别设置下即可. 注意"git.enabled: true",只设置git.path是不 ...

  8. CVE-2013-3893

    前方高能!!!这篇博文比较长,因为我把完整的调试过程都记录下来了,感兴趣的童鞋可以看下.没有耐心的童鞋可以直接跳到最后看总结:) Microsoft Internet Explorer 远程代码执行漏 ...

  9. InterSystems Ensemble学习笔记(一) Ensemble介绍及安装

    系列目录 InterSystems Ensemble学习笔记(一) Ensemble介绍及安装InterSystems Ensemble学习笔记(二) Ensemble创建镜像, 实现自动故障转移 一 ...

  10. Python全栈开发之14、Javascript

    一.简介 前面我们学习了html和css,但是我们写的网页不能动起来,如果我们需要网页出现各种效果,那么我们就要学习一门新的语言了,那就是JavaScript,JavaScript是世界上最流行的脚本 ...