[wp-hackers] Salting

Shea Bunge info at bungeshea.com
Mon Jul 1 21:54:18 UTC 2013

If you don't create a wp-config.php file, when you visit your WordPress installation URL, it will present you with a screen where all you need to do is enter your database details and WordPress will build a wp-config.php file for you (this includes setting the salts). The page you mention only exists for people who are building a wp-config.php file manually, by copying the wp-config-sample.php file and editing the values

> From: dyordan1 at ramapo.edu
> Date: Mon, 1 Jul 2013 14:32:02 -0400
> To: wp-hackers at lists.automattic.com
> Subject: [wp-hackers] Salting
> I might be wrong on how all of this works but since this -> https://api.wordpress.org/secret-key/1.1/salt/ exists, why isn't it built into wordpress to just grab a random set of salts on the initial installation and save it in the wp-config on its own instead of the 'put your unique phrase here'? I feel like a good 40-50% of all installations have exactly that as salts so I feel this would make it a bit more secure. Am I missing something?
> ~Dobri
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers


More information about the wp-hackers mailing list