required-salt-constants

Ensure required salt constants are defined.

A secret key makes your site harder to hack by adding random elements to the password.

In simple terms, a secret key is a password with elements that make it harder to generate enough options to break through your security barriers. A password like "password" or "test" is simple and easily broken. A random, long password which uses no dictionary words, such as "88a7da62429ba6ad3cb3c76a09641fc" would take a brute force attacker millions of hours to crack. A 'salt is used to further enhance the security of the generated result.

-- WordPress Codex

Install

This checkers comes with the preflight-command package. No extra setup steps needed.

Config

WARNING

Changing this checker's config doesn't make sense. Use with caution!

# excludes some of the salt constants
[required-salt-constants]
enabled = true
excludes = [
  'AUTH_KEY',
  'SECURE_AUTH_KEY',
]

# disable it
[required-salt-constants]
enabled = false

Default config located on /config/default.toml.

Solution

Define unique salt constants.

copy from WordPress salt generator to wp-config.php
$ wp config shuffle-salts

# required-salt-constants

# Install

# Config

# Solution

required-salt-constants

Install

Config

Solution