Support » Fixing WordPress » Do secret keys need to be generated for extra security for version 3.2.1?

  • Hi, I’ve been looking into security measures and came across one relating to secret keys and there is a generator to produce them at: https://api.wordpress.org/secret-key/1.1/salt/

    Im aware this requires an edit of the wp-config.php file. These keys are also in the wp-config-sample.php file so just wondering if I need to use these secret keys in the first place and if I do, do I need to update both files?

    Thanks

Viewing 5 replies - 1 through 5 (of 5 total)
  • just wondering if I need to use these secret keys in the first place

    Yes. The keys used in your site’s wp-config.php file should be unique to your site.

    do I need to update both files?

    No – just wp-config.php.

    You need generate the keys by using the url provided above the keys and when you generate the keys they are unique so just paste them in wp-config.php file wp-config-sample.php is just that is not used.

    OK thanks

    The reason I ask is because these keys are already in this file and are they not doing a secure job already?

    The same keys are in every downloaded copy of WordPress.

    I see 🙂

    Thanks for clarifying.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Do secret keys need to be generated for extra security for version 3.2.1?’ is closed to new replies.