What to include in a gitignore file for WordPress websites

When you want to add the GIT source control for your WordPress based website this is always the first question that comes into the mind – what to include in .gitignore file?

In general you should include anything that can change depending on environment such as configuration files, log files, cache, backup and language directories, uploads directory. Also when you set up your WordPress website with GIT source control, you must ensure that you disable the options of editing and modifying files, including the abilities to install or update WordPress core, plugins or themes, in any environment (e.g. production, staging) except the one you use for website development.

Here’s quick walktrough of specific things what to include in the .gitignore file when developing a WordPress website. In case you want a quick solution, you can skip straight to the complete .gitignore template I’ve prepared.

A WordPress configuration file and its template file

Including these in a .gitignore file is a mandatory thing since these files contain access data (database server login information, salt keys, etc). In general you should not store in a repository anything that contains access data or sensitive information because of potential leakage. Also not to mention that these files contain environment-specific information.

wp-config.php
wp-config-sample.php

Apache / PHP server configuration files

These are also environment-specific files which should be stored directly on the server.

/.htaccess
.user.ini
php.ini

Log files – error logs, plugin-specific log files

Any kind of log files should not be placed under version control.

*.log
error_log

Dynamic files and directories

These are files and directories where it is expected for the content to change. This includes cache files and directories, language file directory, upgrade directory, uploads directory, backup directories, plugin-specific data files and directories (e.g. EWWW Image Optimizer and WP CloudFlare Super Page Cache, Query Monitor link, Autoptimize 404 handler file, etc) and the list is not even complete (could change because of different setup of plugins). Essentially the first 5 should always be included.

/wp-content/cache/
/wp-content/*-cache.php
/wp-content/languages/
/wp-content/uploads/
/wp-content/upgrade/
/wp-content/ewww/
/wp-content/db.php
/wp-content/autoptimize_404_handler.php
/wp-content/wp-cloudflare-super-page-cache/
/wp-content/wpo-cache/
/wp-content/ai1wm-backups/

File-system specific files

Often automatically generated by either Macintosh or Windows operating systems. These are filesystem files which are not related to your project in any way and should not be included since they can also contain a sensitive information.

.DS_Store
Thumbs.db

Complete .gitignore Template for WordPress

So now that we’ve reviewed every part of what to include, here’s a complete copy of the recommended .gitignore file for WordPress based websites:

#WordPress configuration file and its template file
wp-config.php
wp-config-sample.php

#Apache / PHP server configuration files
/.htaccess
.user.ini
php.ini

#Log files
*.log
error_log

#Dynamic files and directories
/wp-content/cache/
/wp-content/*-cache.php
/wp-content/languages/
/wp-content/uploads/
/wp-content/upgrade/

#Dynamic files and directories (plugin-specific samples)
/wp-content/ewww/
/wp-content/db.php
/wp-content/autoptimize_404_handler.php
/wp-content/wp-cloudflare-super-page-cache/
/wp-content/wpo-cache/
/wp-content/ai1wm-backups/

#File-system specific files
.DS_Store
Thumbs.db

FAQ about WordPress and gitignore

Where to place the .gitignore file?

Unless you are using a custom configuration for your project, the .gitignore file should be placed in the root directory of your WordPress installation — for example, where the WordPress configuration file is located.

Should the plugin and theme directories be included in the .gitignore file?

No. The contents of the WordPress plugin and theme directories are not expected to change dynamically on the server; therefore, they should all be version-controlled. WordPress core, plugin, and theme installations or updates (including third-party plugins and themes) should be performed only in a local environment and then committed to the Git repository.

Why languages directory should be included in the .gitignore file?

The wp-content/languages directory contains translation files for WordPress core, plugins, and themes. Normally it is expected that translations can be added or edited via WordPress admin interface, which makes the language files environment-specific. Unless you want to completely forbid the ability to add/edit translations in WordPress admin interface, this directory should be excluded from version control (added to gitignore).