WordPress Security Keys and undefined constant notice: How to fix.

Security Keys in WordPress are a string of random characters used for authorization and encryption of cookies generated by WordPress. These security keys can be defined by user in the wp-config.php file at any point in time. During initial installation, it is not necessary for a user to provide these keys to install or run WordPress. If a user does not provide these keys in their wp-config.php file, then WordPress automatically generates these keys.


However, those key are used by WordPress Download Manager with some functions like encrypt or decrypt download key. So, if those fields are missing in your wp-config.php, you may see nothing like following:

Notice: Use of undefined constant NONCE_SALT – assumed ‘NONCE_SALT’ in …/wp-content/plugins/download-manager/libs/class.Crypt.php on line …

In such situation, to fix the issue, you need to add those keys in your wp-config.php. You must generate your own unique security key from the WordPress key generator.

Leave a Reply