# Info ## Key WordPress Files The root directory of WordPress contains files that are needed to configure WordPress to function correctly. * `index.php` is the homepage of WordPress. * `license.txt` contains useful information such as the version WordPress installed. * `wp-activate.php` is used for the email activation process when setting up a new WordPress site. * `wp-admin` folder contains the login page for administrator access and the backend dashboard. Once a user has logged in, they can make changes to the site based on their assigned permissions. The login page can be located at one of the following paths: * `/wp-admin/login.php` * `/wp-admin/wp-login.php` * `/login.php` * `/wp-login.php` This file can also be renamed to make it more challenging to find the login page. * `xmlrpc.php` is a file representing a feature of WordPress that enables data to be transmitted with HTTP acting as the transport mechanism and XML as the encoding mechanism. This type of communication has been replaced by the WordPress [REST API](https://developer.wordpress.org/rest-api/reference). ## WordPress Configuration File ### **wp-config.php** ```php */ /** The name of the database for WordPress */ define( 'DB_NAME', 'database_name_here' ); /** MySQL database username */ define( 'DB_USER', 'username_here' ); /** MySQL database password */ define( 'DB_PASSWORD', 'password_here' ); /** MySQL hostname */ define( 'DB_HOST', 'localhost' ); /** Authentication Unique Keys and Salts */ /* */ define( 'AUTH_KEY', 'put your unique phrase here' ); define( 'SECURE_AUTH_KEY', 'put your unique phrase here' ); define( 'LOGGED_IN_KEY', 'put your unique phrase here' ); define( 'NONCE_KEY', 'put your unique phrase here' ); define( 'AUTH_SALT', 'put your unique phrase here' ); define( 'SECURE_AUTH_SALT', 'put your unique phrase here' ); define( 'LOGGED_IN_SALT', 'put your unique phrase here' ); define( 'NONCE_SALT', 'put your unique phrase here' ); /** WordPress Database Table prefix */ $table_prefix = 'wp_'; /** For developers: WordPress debugging mode. */ /** */ define( 'WP_DEBUG', false ); /** Absolute path to the WordPress directory. */ if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); } /** Sets up WordPress vars and included files. */ require_once ABSPATH . 'wp-settings.php'; ``` ## WordPress User Roles | Role | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | | Administrator | This user has access to administrative features within the website. This includes adding and deleting users and posts, as well as editing source code. | | Editor | An editor can publish and manage posts, including the posts of other users. | | Author | Authors can publish and manage their own posts. | | Contributor | These users can write and manage their own posts but cannot publish them. | | Subscriber | These are normal users who can browse posts and edit their profiles. | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://eldeim.gitbook.io/brain_fuck/notes/certifications/eastereggs/htb-cbbh/hacking-wordpress/info.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.