Issue Summary
When creating sites in Local, in wp-config.php are no “Authentication unique keys and salts” defined.
That is no problem in local development environment, but when a finished site is transported to a real hoster and published, the missing salts are a big security problem!
And not all users are aware of this or are able to insert salts by themself afterwards!
Troubleshooting Questions
-
Does this happen for all sites in Local, or just one in particular?
Evrywhere -
Are you able to create a new, plain WordPress site in Local and access it in a Browser?
Yes
Replication
Describe the steps that others can take to replicate this issue. If you have screenshots that can help clarify what is happening, please include them!
- create a new site in Local
- check wp-config.php
System Details
-
Which version of Local is being used? 6.7.0
-
What Operating System (OS) and OS version is being used?
Windows 10 Home -
Attach the Local Log. See this Help Doc for instructions on how to do so:
Security Reminder
Local does a pretty good job of scrubbing private info from the logs and the errors it produces, however there’s always the possibility that something private can come through. Because these are public forums, always review the screenshots you are sharing to make sure there isn’t private info like passwords being displayed.