Following my last little article on WordPress plugins I can't live without, it made me remember something I'd done recently to my WordPress installation. If your a WordPress user which runs WordPress on a server rather than a wordpress.com hosted account then you'll understand that each time you install or remove a plugin you have to provide FTP information in order for WordPress to correctly locate the wp-content/plugins directory and get authorization to add or remove a plugin. This while small can become quite tedious, but did you know you can get WordPress to remember the FTP information forever? Which means you won't have to constantly keep typing in your password each time you add or remove a plugin!
It's nothing complicated, all you need to do is locate your wp-config.php file which is located within the first directory of your wordpress installation. For example if your whole website runs off WordPress your wp-config.php file will be located within the public_html folder. If you have set up your wordpress installation within a sub directory such as blog so you URL is www.mywebsite/blog/ then the wp-config.php will be within the first level of that directory. Once you've located the wp-config.php file open it up in some form of text editor, you edit it via your webhost control panel or over FTP it's up to you.
Now once you've got your wp-config.php file open this is where I will say, DON'T CHANGE ANYTHING. This file (while small) controls part of your WordPress installation and changing any part of it can stuff up your WordPress powered website unless you know what your doing. Scared you enough? Continue reading. Luckily we won't be changing anything just adding a couple of lines to the file. Scroll down to the bottom of the wp-config.php file until you see ?> This represents the closing tag of a PHP script. We are going to be adding a couple of lines just before the closing tag. Make sure it's before and not after the closing tag otherwise it won't work. Add the following just before the end PHP tag:
/* WordPress FTP Information (For removing the constant password request on plugin install and removal) */
define("FTP_HOST", "mywebsite.com");
define("FTP_USER", "username");
define("FTP_PASS", "mypassword");
You will need to change the example data to your settings. Your FTP address is typically just your website URL and 9 times out of 10 your FTP username is what you webhost control panel username is. Usually webhost control panel usernames are 7 letters or less, and your password, well only you know that! If you are unsure of your FTP account details contact your host, im sure they'd happily enlighten you!
Save your changes to your wp-config.php file and thats it. You can now go ahead and test out your addition by installing a plugin using the Add new feature (Only in WordPress 2.7 +) you should fine that the plugin will install without requesting your FTP password. This addition to your wp-config.php file will also remove the need for you to enter a password when you delete a plugin also.
Hope my quick tip is useful to all you WordPress users out there!
Fire G
June 2nd
There's also another way by editing the DB field "FTP_Credentials" and adding it that way. Though that method requires you to know how HTML returns are saved in MySQL form.
Also, if you're hosted on MediaTemple then you already have automatic updates (no editing, nothing special needs to be done, it just works, trust me).
Andrew Turner
June 2nd
It's weird - sometimes auto install/updates just works on some servers, and others it doesn't (as so it requires the FTP info).
I'ld love to know what PHP functions are required as to have it 'just work'.
Thanks for the article.
Reven
June 24th
Just in case this helps someone, after googleing for 11 years (maybe less) I found out that it depends on the user PHP runs as. So, on shared hosts (like Mediatemple dv mentioned above), PHP runs as the user for security purposes and WordPress will not complain.
On private hosts (or maybe some less security-wise shared), PHP runs as www-data (or nobody on other systems) by default, so WordPress won't write to your files, even if it has write privileges (the reason being that the file would then belong to www-data and the user wouldn't be able to delete it).
If your on a private server (or VPS) you might want to run PHP as a CGI with suexec, so you can decide on a per server basis the user PHP runs as.
Good luck.
James
June 26th
Thank you for sharing. I can expand slightly on shared hosting. Usually on share host you have a directory set up such as home/domains/www.james-blogs.com/public_html so when you add that code to your wp-config.php file you should be okay as there will be no conflict or write issues. I haven't had experience with VPS hosting, but if your on a host like Media Temple do what Reven has said, Also Fire G's blog is hosted on Media Temple so im sure he could offer something about it.
Again thanks for sharing Reven.
Joomla Bear
July 6th
Thx James,
This was really useful - just migrated a clients site from a dedicated WHM/cPanel setup to Plesk at RackSpace. The constant request for FTP credentials to update outdated plugins was quite annoying but this fixed it.
Cheers
James
July 6th
No problem glad it helped you
Work At Home
July 12th
James, I'm confused.
I always use my ftp client when adding plugins to my site, and my client already has my login and passwords saved. Isn't that a really easy/safe way to change things on my server?
Charlie Seymour Jr
Say It So They Buy It: http://bit.ly/8snzh
James
July 12th
Thats different if you use a FTP client already then you don't need to change anything. This is for people that install plugins via the WordPress Admin interface.
security locks
August 1st
Great content, very helpfull. The web needs more great sites like this.
Andy
February 11th
Wery interesting but what about security? wp-config.php set as 644 is safe enough?
Thanks a lot
Rob
February 26th
Awesome! Thanks for the tip, I was wondering about this.