Skip to main content

Configure

WordPress Capsules are configured through environment variables in the Config tab of your Capsule's page. All configuration is applied at container start — changes take effect on the next deploy or restart.

Database Connection

Your WordPress Capsule requires a MySQL Data Capsule. In the Config tab, click Edit in the WordPress Config section to select a MySQL Capsule from your Space.

The following database environment variables are injected automatically:

VariableDescription
WORDPRESS_DB_HOSTMySQL host (set by the platform)
WORDPRESS_DB_NAMEDatabase name (default: app)
WORDPRESS_DB_USERDatabase username
WORDPRESS_DB_PASSWORDDatabase password

You can change the database name by editing WORDPRESS_DB_NAME in the WordPress Config section.

Storage

Your WordPress Capsule requires a Persistent Storage Capsule for uploaded media, plugin files, and theme files. Select one in the WordPress Config section.

The storage volume mounts at /var/www/html/wp-content/* to <PERSISTENT_STORAGE_DIR>/. Without it, uploaded files are lost on every deploy.

Site URL

The public URL of your site is injected as APP_URL. WordPress uses this to generate links, enqueue scripts, and handle redirects.

If you change your domain, update APP_URL and run a search-replace on the database to update stored URLs:

cc wp search-replace 'https://old-domain.com' 'https://new-domain.com' --all-tables

You would need to proxy connect to the MySQL Database or run a search and replace plugin once the domain changes.

See Routing for more on domain configuration.

PHP Settings (WORDPRESS_CUSTOM_INI)

Override PHP configuration values using the WORDPRESS_CUSTOM_INI environment variable. Values are written to a .ini file loaded by PHP-FPM on startup.

WORDPRESS_CUSTOM_INI=memory_limit = 512M
upload_max_filesize = 128M
post_max_size = 128M
max_execution_time = 120

Multiple settings are separated by newlines.

Common PHP settings

SettingDefaultDescription
memory_limit256MMax memory per PHP request
upload_max_filesizefrom MAX_UPLOAD_SIZEMax size of a single uploaded file
post_max_sizefrom MAX_UPLOAD_SIZEMax total POST body size
max_execution_time60Max seconds a PHP request may run
max_input_vars3000Max number of input variables (increase for complex ACF layouts)
opcache.validate_timestamps1Set to 0 on production to skip file-change checks
opcache.jitoffSet to tracing to enable PHP 8 JIT
opcache.jit_buffer_sizeSet to 64M when enabling JIT

See Performance for a full tuning guide.

Upload Size (MAX_UPLOAD_SIZE)

Set a single variable to configure the upload limit consistently across both nginx and PHP:

MAX_UPLOAD_SIZE=128M

This sets:

  • Nginx client_max_body_size
  • PHP upload_max_filesize
  • PHP post_max_size

Accepted suffixes: M (megabytes), G (gigabytes). Default is 64M.

If you also set upload_max_filesize or post_max_size via WORDPRESS_CUSTOM_INI, those values override MAX_UPLOAD_SIZE for PHP only.

PHP-FPM Pool (WORDPRESS_FPM_CONF)

Override PHP-FPM process manager settings using WORDPRESS_FPM_CONF. Values are appended to the [www] pool configuration.

WORDPRESS_FPM_CONF=[www]
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 3

Choosing the right worker count

A typical WordPress page uses 30–80 MB of memory per worker. WooCommerce pages may use 100–150 MB. Estimate:

max_children ≈ available_memory ÷ average_worker_memory

Recommended settings by capsule size:

Capsule RAMpmmax_childrenNotes
512 MBdynamic3Minimal
1 GBdynamic5Small blog or portfolio
2 GBstatic8Medium site with consistent traffic
4 GBstatic16WooCommerce or high-traffic content

See Performance for the full scaling guide.

Security Configuration

VariableDefaultDescription
SESSION_COOKIE_SECURE1HTTPS-only session cookies. Set to 0 for local development.
CSP_HEADERpermissive defaultContent-Security-Policy header value. Empty string to disable.
XMLRPC_ENABLEDfalseEnable XML-RPC endpoint (required for Jetpack and the WordPress mobile app)
NGINX_EXTRA_CONFRaw nginx directives injected into the server block

See Security for the full security reference.

Caching Configuration

VariableDefaultDescription
CACHE_TTL_SECONDSunset (disabled)Page cache TTL in seconds. Must be a positive integer. Unset to disable.
DEBUG_HEADERSfalseExpose X-Cache header for cache diagnostics

See Caching for the full caching reference.

Cron Configuration

VariableDefaultDescription
DISABLE_PUBLIC_WP_CRONtrueRestrict wp-cron.php to internal platform calls only

Also set in WORDPRESS_CONFIG_EXTRA:

define('DISABLE_WP_CRON', true);

See Cron for the full cron reference.

Rate Limiting

VariableDefaultDescription
RATE_LIMIT_NORMAL_ROUTES_RPM120Requests per minute for public pages
RATE_LIMIT_PROTECTED_ROUTES_RPM30Requests per minute for wp-admin and wp-login.php
RATE_LIMIT_API_ROUTES_RPM60Requests per minute for the REST API
RATE_LIMIT_MAX_CONN_PER_IP30Max concurrent connections per IP address

All Environment Variables

VariableDefaultDescription
WORDPRESS_DB_HOSTinjectedMySQL host
WORDPRESS_DB_NAMEappDatabase name
WORDPRESS_DB_USERinjectedDatabase username
WORDPRESS_DB_PASSWORDinjectedDatabase password
APP_URLinjectedSite public URL
MAX_UPLOAD_SIZE64MUpload limit for nginx and PHP
WORDPRESS_CUSTOM_INIPHP ini overrides (newline-separated)
WORDPRESS_FPM_CONFPHP-FPM pool overrides (ini format)
WORDPRESS_CONFIG_EXTRAPHP constants injected into wp-config.php
CACHE_TTL_SECONDSunset (disabled)Page cache TTL in seconds. Unset to disable caching.
DEBUG_HEADERSfalseExpose X-Cache response header
DISABLE_PUBLIC_WP_CRONtrueRestrict wp-cron.php to internal access
XMLRPC_ENABLEDfalseEnable XML-RPC endpoint
CSP_HEADERpermissiveContent-Security-Policy header value
SESSION_COOKIE_SECURE1HTTPS-only session cookies
RATE_LIMIT_NORMAL_ROUTES_RPM120Rate limit for public routes
RATE_LIMIT_PROTECTED_ROUTES_RPM30Rate limit for admin routes
RATE_LIMIT_API_ROUTES_RPM60Rate limit for REST API
RATE_LIMIT_MAX_CONN_PER_IP30Max concurrent connections per IP
NGINX_EXTRA_CONFCustom nginx directives in the server block

Ready to deploy?

Start your free trial and go live in minutes.

Get Started Free →