In order to better understand how the WordPress CMS works, it is good to know all its basic files. Each of the files contains a specific code for each part of the site or control panel pages. According to their structure, these files are of three types: Core, themes and plugins. By Core files we mean all the basic files that are added by default after installing WorPress on the server. In this article we will list and explain each core Core file separately, but very important to remember is that it is not recommended to apply edits to these files because they will be rewritten automatically whenever a WordPress update is performed. On the other hand, themes and plugins can be added after installation and of course, there are files that can be edited and customized in certain circumstances. Knowing the basic files allows you to better understand how the WordPress platform works. This is also due to the fact that inside them we can find numerous comment tags with detailed information about the written code. They also aim to present the role and operation of each file.

Understanding the structure of the WordPress platform folders and files is essential for each developer. With this knowledge you will be able to troubleshoot various errors that may occur on the site. You will also be able to know where themes, plugins, uploaded images, posts, pages, permalinks and so on are stored.

Installing the WordPress platform on a server can only be done after you have first created a database. The importance of this is due to the fact that this installation will not only store files in the base directory, but will also automatically create mysql tables that you will be able to view and manipulate later through the server’s phpmyadmin software. Once you have completed the installation of WordPress in a specific directory (usually this is public_html), you will see that some folders and files have been created:

1.PUBLIC_HTML DIRECTOR’S FIRST LEVEL FILES

wp-config.php file

The first file you come in contact with since the platform is installed is the wp-config.php file. This file contains basic information about the settings related to the assignment of a database to the created site as well as the creation of a user who will have the role of site administrator. The database prefix is ​​also included, which is an important factor when it comes to the security of stored data. By default, the prefix is ​​set to the default ‘wp_’, but it is recommended to customize it.

wp-config.php is also an extremely important file for developers, because from its content you can choose for example to activate the debugging mode of the platform, through which you can see in the pages of the site, the names of the errors and the location related codes when you are logged in. The wp-config.php file is not included in the Core package files until after the WordPress installation is complete. Without this file (respectively without a stable connection of the site to a database) a white background will be generated in the web pages with the following error displayed: “error establishing a connection to the database”. The following basic settings are found in the file structure:

1. define (‘DB_NAME’, ‘‘); – The name of the database to which the site is linked
2. define (‘DB_USER’, ‘‘); – The name of the user connected to the database in Cpanel
3. define (‘DB_PASSWORD’, ‘‘); – Password of the user connected to the database
4. define (‘DB_HOST’, ‘localhost’); – The name of the hosting program. It replaces the IP of the computer on which the server is running
5. define (‘DB_CHARSET’, ‘utf8’); – The character set used in the MySql tables.
6. define (‘DB_COLLATE’, ”); – The sort order of the character set
7. define (‘AUTH_KEY’, ‘‘); define (‘SECURE_AUTH_KEY’, ‘‘); define (‘LOGGED_IN_KEY’, ‘‘); define (‘NONCE_KEY’, ‘’); define (‘AUTH_SALT’, ‘‘); define (‘SECURE_AUTH_SALT’, ‘‘); define (‘LOGGED_IN_SALT’, ‘‘); define (‘NONCE_SALT’, ‘‘); – 8 codes (secret keys) for connecting to the information stored by cookies
8. $table_prefix = ‘wp_’; – Database prefix
9. define (‘WP_DEBUG’, false); – If you replace “false” with “true”, it will activate debug mode

.htaccess file

Even if the .htaccess name contains a dot in front of it, this is not to indicate an extension, but simply represents the name of the file that the Apache server is requesting whenever a redirect needs to be run. The meaning of the name of this file is “hypertext access” and brings an important advantage which is the ease of customizing the permalinks set directly from the WordPress control panel.

For example, this file redirects site pages to the 404.php file, which displays an error in user search results. In other words, this file also contributes to changing the URL from http to https, when an SSL certificate is installed on the server. The importance of this file lies in guiding search engines when certain pages have changed their location or simply no longer exist.

In fact, this file is not directly related to WordPress but to the hosting server. Specifically, the .htaccess file is not required, but it is necessary if you want to be safe from various site penalties when it comes to malfunctioning links. Another important aspect about this file is that it can block certain IP addresses, which results in a security measure against malicious strangers trying to log in to your site. The newly installed .htaccess file will look like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

wp-activate.php file

The purpose of this file is to confirm the activation codes that WordPress sends via email to new users who register on a site. The codes are usually confirmed after the user clicks on the link received in the mailbox.

error_log file

This file does not exist from the beginning of the installation and even after it is completed. It is automatically generated only when a certain error occurs on the site. Inside it are displayed all the errors that the site has had over time in the form of a list containing:

• date of error
• type of error
• the path to the file that generates the error
• the line of code that cause the error

index.php file

Index.php helps to load and display pages in the browser when requested by users. The lack of this file would cause the existing folders in the public_html directory to be displayed directly in the browser, instead of displaying web pages. This would not be indicated in terms of site security. Without this file, visitors could download the files from the site without having to log in to the Cpanel panel. Basically, the file does nothing but load the wp-blog-header.php file through which it tells WordPress to load the theme.

The contents of the wp-blog-header.php file

<?php
/**
 * Loads the WordPress environment and template.
 *
 * @package WordPress
 */

if ( ! isset( $wp_did_header ) ) {

	$wp_did_header = true;

	// Load the WordPress library.
	require_once __DIR__ . '/wp-load.php';

	// Set up the WordPress query.
	wp();

	// Load the theme template.
	require_once ABSPATH . WPINC . '/template-loader.php';
}

license.txt file

This file provides details about the GPL license offered by the WordPress platform for free.

readme.html file

Includes useful details on the processes of installing, updating and migrating sites built in WordPress.

wp-cron.php file

The ability to generate timed events directly from the back end of the WordPress dashboard is due to this file. Specifically, with the help of the integrated code, this file offers us the advantages of scheduling the publication of articles and updating themes, plugins or even the platform.

wp-load.php file

One of the roles of this file is to constantly check if the wp-config.php file exists. If the wp-config.php file does not exist, a new (re) install platform screen will automatically run. It also helps to load plugins or themes that are used in the database.

xmlrpc.php file

The structured code aims to standardize communication between the WordPress platform and other software. In other words, it allows other applications, completely separate from WordPress, to communicate with the site’s platform in order to be able to post content directly through them. For example: offline blogging applications, mobile applications, etc.

wp-login.php file

This file generates the login page from the back end. At the same time, it ensures the good functionality of the authentication, registration and reset processes of the users’ passwords.

wp-signup.php file

It is used to register the main site administrator when running the WordPress installation. It can be requested by the wp-load.php and wp-blog-header.php files to work.

2. WP-ADMIN Folder

Through the files in this folder, all the elements related to the WordPress control panel are controlled. In other words, the wp-admin folder offers the possibility to access the back-end part of the site through which you can add pages, posts and media files without having to log in to the Cpanel panel of the server or via FTP. Inside the folder we find next to the basic files CORE 7 subfolders, as shown in the image below:

Subfolder “images”

It stores all the images that WordPress displays by default in the admin panel.

Subfolder “CSS”

As its name implies, it contains all the CSS files used to style existing pages in the WordPress dashboard.

Subfolder “JS”

It contains all the files that contain Javascript code used in the back-end pages.

Subfolder “includes”

The main purpose of this folder is to store and manipulate basic features found in WordPress, such as:

• creating and using policies regarding the use of the site
• using the image editor
• widget management
• implementation of hooks required by themes, etc.

Subfolder “maint”

It contains a single file, namely repair.php, through which the tables in the database can be updated and optimized. In situations where the WordPress platform cannot properly connect to the database, this file helps to resolve these issues. It can rewrite or restore certain tables (created in the database by default by WordPress at the time of installation) in situations where they are compromised or deleted.

Subfolder “network”

All the files needed to use the “multisite” mode of the WordPress back-end panel are stored here.

Subfolder “user”

It offers the ability to switch from one user account to another when using “multisite” mode.

admin.php file

The most important file in this folder is admin.php. Through it, the roles of each user are checked, so that the options present in the WordPress control panel are displayed according to the configured capabilities and settings. Thus, it can block the display of certain features for people logged in to the site, in case the site administrator has restricted certain permissions by assigning a role.

users.php file

This file contributes to the way the WordPress dashboard is displayed to users, differentiating administrators from other user roles.

update.php file

Whenever you see notifications in the WordPress dashboard regarding the need to update the platform to the latest version, this is generated through this file. This includes the update configuration pages.

network.php file

Its code allows the user to log in to multiple WordPress sites through a single control panel. In other words, it allows you to view the back-end parts of multiple sites by using the “multisite” infrastructure.

profile.php file

With this file it is possible to view a page of the profile of each user registered on the site. This page displays user data, their login information, and added color palettes.

theme-install.php file

It creates pages in the control panel through which you can see the available themes. It also generates a page where you can add a new WordPress theme.

themes.php file

This file generates pages through which an active theme can be modified.

plugins.php file

Displays the installed plugins page.

3. WP-CONTENT FOLDER

This is one of the most important folders used by developers, because through it you can manage plugins and themes installed or created custom, as well as files uploaded to the media library (images, PDF files, etc.). Inside this folder we will find the following:

Subfolder “languages”

All files related to are stored here:

-the default language set for the site

-translations of plugins and themes

-languages ​​used in a translation module

Subfolder “plugins”

All installed plugins are stored individually in a subfolder here.

Subfolder “themes”

It contains the individual folders of the downloaded or created themes.

Subfolder “uploads”

All uploaded images are structured here in turn in folders sorted by:

• year
• modules
• templates
  

4. WP-INCLUDES Folder

By number of files, this is the largest folder in the WordPress structure and contains all the necessary ingredients for good use of the platform. Widgets, fonts used, page or article building blocks, certificates, sitemaps, templates, etc. are stored here.

The most important file in this folder is functions.php, which contains all the default PHP functions for WordPress.