Saw an interesting blog post on Twitter today about storing WordPress FTP information in wp-config.php. The article was written in German so I sent the author an email to ask if he’d mind me translating it. Phil, the author, very kindly said yes – so my translation is below.

Since the addition of the automatic updates in the WordPress core became available, there has been the possibility of FTP data in the backend. Then you can get both plugins and the core by clicking on the date. However WordPress then stores the login information in the blog database. This can be a potential security issue. If someone were to gain access to your database then they would also have access to your entire server. One way of reducing the risk is to use the approach outlined below.

Editing wp-config.php

Access

The wp-config.php file can be used to define constant values so that the usage of a database can be removed. This makes the database smaller, and so improves site performance. For the FTP access the constants are as follows and should be added to the bottom of your wp-config.php file:

define('FTP_HOST', 'ftp.example.org');
define('FTP_HOST', 'ftp.example.org:2121');
define('FTP_USER', 'username'); 
define('FTP_PASS', 'password');

Secure Connection

For a secure connection add the following line (default: false):

define('FTP_SSL', true);

Directories

If the WordPress installation is not in the root directory of the FTP server you can define the location as follows:

define('FTP_BASE','...');

Have you moved the plugin directory or all of the content folder? You can also specify the full path using these two constants:

define('FTP_CONTENT_DIR', '...');

define('FTP_PLUGIN_DIR', '...');

Method

Finally, you can also adjust the method to be used by WordPress for the file system. This often hides errors if something goes wrong with the file permissions. You should only change this value if errors occur, most of the time the default will work just fine.

define('FS_METHOD', 'direct');

The following methods are possible:

  • direct (default) – PHP file system functions
  • ssh – SSH PHP Extension
  • ftpext – FTP PHP Extension
  • ftpsockets – PHP socket extension

The constants FTP_PUBKEY, FTP_PRIKEY display the paths to the SSH public key and private key SSH specify.

Delete existing data

If you’re unsure whether access data already stored on WordPress, you can search the WordPress options in the database using the following page on your website:

http://example.org/wp-admin/options.php

There you should search for the entry: ftp_credentials

If this is present, you have already stored the FTP data in your database. You can delete it by simply removing the value in the ftp_credentials field on the options page, then scrolling to the bottom, and pressing save. You should be very careful doing this though as there is potential for your website to be broken when doing this.

More information

Further Information can be in the WordPress Codex:

Easy WordPress Updates: Store FTP Info in wp-config.php的更多相关文章

  1. Automatic WordPress Updates Using FTP/FTPS or SSH

    Introduction When working with WordPress in a more secure environment where websites are not entirel ...

  2. Install WordPress Plugins without FTP Access

    WordPress will only prompt you for your FTP connection information while trying to install plugins o ...

  3. WordPress主题制作教程[壹] - 了解WP&结构&索引

    最近开始筹备WordPress主题开发了.首先我们在此章节中进行了解什么是WP,以及WP的结构.通过这个文章索引到以后所写的WP系列教程. (抱歉,大家不要急,持续更新中....) 1.首先,我们来认 ...

  4. 关于wordpress中的contact form7和WP Mail SMTP的一些设置

    昨天帮客户解决了这个问题  折腾了好几个小时  下面说下流程 先配置的  wp mail smtp 如果配置完毕后  就可以使用里面配置的邮件   放到contact form7 中的 发件人中 1 ...

  5. Core - Provide an easy way to store administrator and user model differences in a custom store (e.g., in a database)

    https://www.devexpress.com/Support/Center/Question/Details/S32444/core-provide-an-easy-way-to-store- ...

  6. 【WordPress】CentOS 6.10 测试WP发送邮件失败

    1.错误信息如下: SMTP -> ERROR: Failed to connect to server: Permission denied (13) 2.解决方法: https://gist ...

  7. 解决升级WordPress及插件需输入FTP账号的问题

    当添加,删除,升级 WordPress 插件或者直接升级 WordPress 的时候,WordPress 总是提示让你输入 FTP 帐号信息,非些烦人. 我们可以在 wp-config.php 中定义 ...

  8. 五种WordPress防止垃圾评论方法-过滤垃圾评论提高WP运行效率

    WordPress貌似和垃圾评论是一对“孪生兄弟”,无论在国内还是国外的空间主机上搭建的Wordpress博客,无论Wordpress有多少流量多么低的权重,垃圾评论都会自动找上门来,假如有好几天没有 ...

  9. wordpress常用插件汇总

    WordPress之所以能成为目前最具人气的独立博客程序,除了无数爱好者为它开发的主题外,源源不断的插件支持也是重要的原因之一.wordpress的强大,也是在于无数爱好者源源不断的主题和插件. wo ...

随机推荐

  1. SqlServr性能优化性能之层次结构(十五)

    1.添加根节点: hierarchyid  GetRoot()方法 --创建数据库 create table Employeeh(EmployeeID int,Name varchar(500),Ma ...

  2. 按书上学写测试pytest

    慢慢的,这块知识也补好吧. 系统的学习框架,具体的细节,可以边百度边实现. test_three.py '''Test the Task data type.''' from collections ...

  3. shell常用

    -e filename 如果 filename存在,则为真-d filename 如果 filename为目录,则为真 -f filename 如果 filename为常规文件,则为真-L filen ...

  4. linux 101 hacks 4stat diff ac

    stat 命令 stat 命令那个可以用来查看文件或者文件系统的状态和属性.显示一个文件或目录的属性 $ stat /etc/my.cnf File: `/etc/my.cnf' Size: Bloc ...

  5. doc元素select 取值

  6. Ionic入门五:表单

    一.输入框 list 类同样可以用于 input 元素.item-input 和 item 类指定了文本框及其标签. 1.输入框属性:placeholder 以下实例中,默认为100%宽度(左右两侧没 ...

  7. Ionic入门四:卡片

    近年来卡片(card)的应用越来越流行,卡片提供了一个更好组织信息展示的工具. 针对移动端的应用,卡片会根据屏幕大小自适应大小. 我们可以很灵活的控制卡片的显示效果,甚至实现动画效果. 卡片一般放在页 ...

  8. vue.js 是如何做到数据响应的

    许多前端JavaScript框架(例如Angular,React和Vue)都有自己的数据相应引擎.通过了解相应性及其工作原理,您可以提高开发技能并更有效地使用JavaScript框架.在视频和下面的文 ...

  9. Linux-看完这篇Linux基本的操作就会了(转)

    前言 只有光头才能变强 这个学期开了Linux的课程了,授课的老师也是比较负责任的一位.总的来说也算是比较系统地学习了一下Linux了~~~ 本文章主要是总结Linux的基础操作以及一些简单的概念~如 ...

  10. beeshell —— 开源的 React Native 组件库

    介绍 beeshell 是一个 React Native 应用的基础组件库,基于 0.53.3 版本,提供一整套开箱即用的高质量组件,包含 JavaScript(以下简称 JS)组件和复合组件(包含 ...