12 PART I • Getting Started with WordPress
WordPress autosaves posts and pages within the admin interface. By default, the autosaves
occur every 60 seconds, but you can change the frequency of these autosaves to whatever you
like, such as to every 180 seconds:define('AUTOSAVE_INTERVAL', 180 );Users with an administrator account can edit theme and plugin files from within the Word-
Press admin interface. This is a potential problem should a malicious user gain access to an
administrator account, so you might want to turn that off, as follows:define('DISALLOW_FILE_EDIT', true);WP_DEBUG is a great tool to use when you need to see what went wrong, as well as during
local development. It is the way to view database errors and get warnings about using depre-
cated (no longer supported) functions or files:define('WP_DEBUG', true);Setting WP_DEBUG to false is just like not using it at all, meaning that errors that don’t have
any direct impact on your site will be suppressed.If you want to enable network support, more commonly referred to as multisite, you do that in
wp-config.php as well:define('WP_ALLOW_MULTISITE', true);This opens up the necessary settings and features in the WordPress admin interface. I’ll get to
that later in this book, so pay it no more heed than this for now. For even more tricks and
settings available to the wp-config.php file, consult the Codex page at http://codex.
wordpress.org/Editing_wp-config.php. Here you’ll also find instructions on how
to log errors on a live site, using WP_DEBUG_DISPLAY and WP_DEBUG_LOG to make sure
that your error messages aren’t shown to all the visitors but rather saved to a log file. You
might also want to take a look at the Hardening WordPress Codex page (http://codex.
wordpress.org/Hardening_WordPress).A FEW WORDS ON INSTALLERS
Some web hosts offer installers that will get your WordPress install up and running with just a
click from within the web host admin interface. The most popular of these one-click installers
is probably Fantastico. At first, a single-click install sounds like a really good idea because you
don’t have to fiddle with config files or anything; it’ll just slap the blog up there, and you can
get started.However, take a moment to do some research before going down this route. The most
important aspect to consider is what version of WordPress the installer is actually setting up.
Old versions shouldn’t be allowed because they are outdated and, at worst, a security hazard.