Making WordPress.org

Changeset 6589


Ignore:
Timestamp:
02/10/2018 10:07:37 AM (7 years ago)
Author:
iandunn
Message:

WP15: Explicitly name config files based on their security context.

Using "wp-config.php" for public config is counter-intuitive, since that file traditionally stores sensitive information. This makes it obvious to anyone that there are separate files for public and private configuration, and reduces the risk of a developer unintentionally adding private configuration to the public file.

Location:
sites/trunk/wp15.wordpress.net
Files:
1 added
3 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wp15.wordpress.net

    • Property svn:ignore
      •  

        old new  
        1 local-config.php
         1config-private.php
  • sites/trunk/wp15.wordpress.net/.gitignore

    r6582 r6589  
    55#
    66
    7 local-config.php
     7config-private.php
    88public_html/content/upgrade
    99public_html/content/uploads
  • sites/trunk/wp15.wordpress.net/public_html/wp-config.php

    r6588 r6589  
    11<?php
    22
    3 /*
    4  * SECURITY WARNING: This file is _public_. Add passwords, etc to `local-config.php`.
    5  */
    6 
    7 require_once( dirname( __DIR__ ) . '/local-config.php' );
    8 
    9 $table_prefix = 'wp_';
    10 
    11 define( 'DB_CHARSET', 'utf8mb4' );
    12 define( 'DB_COLLATE', ''        );
    13 
    14 define( 'WP_CONTENT_URL', WP_HOME . '/content'                        );
    15 define( 'WP_SITEURL',     WP_HOME . '/wordpress'                      );
    16 define( 'WP_CONTENT_DIR', __DIR__ . '/content'                        );
    17 //define( 'WPCACHEHOME',    WP_CONTENT_DIR . '/plugins/wp-super-cache/' );
    18 //define( 'WP_CACHE',       true                                        );
    19 
    20 define( 'DISALLOW_FILE_EDIT',       true );
    21 define( 'DISALLOW_UNFILTERED_HTML', true );
    22 
    23 if ( 'production' === WP15_ENVIRONMENT ) {
    24     ini_set( 'display_errors', 0 );
    25 
    26     define( 'WP_DEBUG_DISPLAY', false );
    27     define( 'WP_DEBUG_LOG',     true  );
    28     define( 'SCRIPT_DEBUG',     false );
    29     define( 'FORCE_SSL_ADMIN',  true  );
    30 } else {
    31     define( 'SAVEQUERIES',  true );
    32     define( 'WP_DEBUG',     true );
    33     define( 'SCRIPT_DEBUG', true );
    34 }
    35 
    36 if ( ! defined( 'ABSPATH' ) ) {
    37     define( 'ABSPATH', dirname( __FILE__ ) . '/' );
    38 }
    39 
    40 require_once( ABSPATH . 'wp-settings.php' );
     3require_once( dirname( __DIR__ ). '/config-private.php' );
     4require_once( dirname( __DIR__ ). '/config-public.php'  );
Note: See TracChangeset for help on using the changeset viewer.