Singapore & Australia # 1 for Web Hosting & Domains
SG: +65 6018 3544   AU: 1300-863-436 Asset 1colo Help
Vodien Logo
  1. Home
  2. Knowledge Base
  3. CMS
  4. How to Update WordPress Security Keys and Salts

How to Update WordPress Security Keys and Salts

Alerts usually pop up on websites asking you to allow the usage of cookies while you are scrolling through website pages. We advise you to be mindful of this because cookies track the pages you are looking at within a website, for sales strategy purposes.  

Cookies can also be a security risk as it stores login information for websites. That’s why security keys (secret keys) and salts are made to encrypt the cookies to prevent hackers from getting sensitive information from it 

Security keys and salts can be added to your WordPress website. Follow the instructions below on how to set it up.   

Step 1Log in to cPanel or connect to FTP.  

Step 2. Click the File Manager button under Files category. Skip this step if you are using FTP. 

File Manager Button in cPanel

Step 3. Access your WordPress website files and right-click on wp-config.php file. 

Wp-config File in File Manager


  • The main domain’s website files are in public_html folder 
  • An addon domain’s website files are in the addon directory. 
  • subdomain’s website files are in the subdomain’s directory. 

Step 4. Click Edit.  

Edit Wp-config File in File Manager

Step 5. Click Edit on the pop-up.

Wp-config File Edit Warning in File Manager

Step 6. Replace the values in between the single quotes (‘) on the lines underlined in the screenshot.

Secret Keys and Salts in Wp-config File

You can make up random characters or generate it from the WordPress Key Generator.  

Tip: Make the keys as long and as complicated as it can be so that it’s hard for someone to decrypt it. There’s no need to remember the keys after this process. 

Step 7. Click the Save Changes button. 

Save Secret Keys and Salts in Wp-config File

Updating of security keys and salts logs out all users in your WordPress website. You can repeat this process every time you feel someone is hacking your website.  

Please do not hesitate to contact our 24/7 Singapore or Australia Support Team if you have further questions. 

(Visited 193 times, 1 visits today)
Updated on April 15, 2021

Was this article helpful?

Related Articles