When you want to add the GIT source control for your WordPress based website this is always the first question that comes into the mind – what to include in .gitignore file?
In general you should include anything that can change depending on environment such as configuration files, log files, cache, backup and language directories, uploads directory. Also when you set up your WordPress website with GIT source control, you must ensure that you disable the options of editing and modifying files, including the abilities to install or update WordPress core, plugins or themes, in any environment (e.g. production, staging) except the one you use for website development.
A WordPress configuration file and its template file
Including these in a .gitignore file is a mandatory thing since these files contain access data (database server login information, salt keys, etc). In general you should not store in a repository anything that contains access data or sensitive information because of potential leakage. Also not to mention that these files contain environment-specific information.
wp-config.php
wp-config-sample.php
Apache / PHP server configuration files
These are also environment-specific files which should be stored directly on the server.
/.htaccess
.user.ini
php.ini
Log files – error logs, plugin-specific log files
Any kind of log files should not be placed under version control.
*.log
error_log
Dynamic files and directories
These are files and directories where it is expected for the content to change. This includes cache files and directories, language file directory, upgrade directory, uploads directory, backup directories, plugin-specific data files and directories (e.g. EWWW Image Optimizer and WP CloudFlare Super Page Cache, Query Monitor link, Autoptimize 404 handler file, etc) and the list is not even complete (could change because of different setup of plugins). Essentially the first 5 should always be included.
/wp-content/cache/
/wp-content/*-cache.php
/wp-content/languages/
/wp-content/uploads/
/wp-content/upgrade/
/wp-content/ewww/
/wp-content/db.php
/wp-content/autoptimize_404_handler.php
/wp-content/wp-cloudflare-super-page-cache/
/wp-content/wpo-cache/
/wp-content/ai1wm-backups/
File-system specific files
Often automatically generated by either Macintosh or Windows operating systems. These are filesystem files which are not related to your project in any way and should not be included since they can also contain a sensitive information.
.DS_Store
Thumbs.db
Complete .gitignore Template for WordPress
So now that we’ve reviewed every part of what to include, here’s a complete copy of the recommended .gitignore file for WordPress based websites:
#WordPress configuration file and its template file
wp-config.php
wp-config-sample.php
#Apache / PHP server configuration files
/.htaccess
.user.ini
php.ini
#Log files
*.log
error_log
#Dynamic files and directories
/wp-content/cache/
/wp-content/*-cache.php
/wp-content/languages/
/wp-content/uploads/
/wp-content/upgrade/
#Dynamic files and directories (plugin-specific samples)
/wp-content/ewww/
/wp-content/db.php
/wp-content/autoptimize_404_handler.php
/wp-content/wp-cloudflare-super-page-cache/
/wp-content/wpo-cache/
/wp-content/ai1wm-backups/
#File-system specific files
.DS_Store
Thumbs.db