⏲️ Estimated reading time: 6 min
📝 Learn about the essential files and folders that make up a standard WordPress installation within a cPanel hosting account. Understand their purpose and how they interact for better maintenance and security.
🗂️ Standard Files and Folders for WordPress in the Root Directory of a cPanel Hosting Account
When managing a WordPress site on a cPanel hosting account, it’s important to understand the directory structure. Whether you’re installing WordPress manually, troubleshooting issues, or optimizing for speed and security, knowing what each file and folder does can save you time and prevent errors.
In this guide, we’ll explore all the standard files and folders you’ll find in a WordPress installation located in your public_html/ or the root directory.
📁 Where Does WordPress Live in cPanel?
In most shared hosting environments using cPanel, the main public-facing directory is:
/home/yourusername/public_html/
This is the root directory for your main domain. WordPress files and folders are either installed directly into this folder or into a subfolder (like /blog or /wp).
🧰 Standard WordPress Root Directory Files
Here are the main files you’ll see immediately after a fresh WordPress installation:
1. index.php
- Purpose: Acts as the front controller; it initializes WordPress when someone visits your site.
- Modifying this is generally unnecessary.
2. wp-config.php
- Purpose: Contains critical configuration data including database credentials, table prefix, and security keys.
- Important for security. Avoid exposing or misconfiguring this file.
3. .htaccess
- Purpose: A configuration file for Apache servers. Handles permalink structures, redirects, and more.
- Often modified by plugins like caching tools or security plugins.
4. license.txt & readme.html
- Purpose: Informational files related to WordPress licensing and version info.
- You can safely delete
readme.htmlto prevent version fingerprinting by attackers.
5. wp-activate.php, wp-signup.php, wp-login.php, wp-cron.php
- Handle user logins, signups, and WordPress’s scheduled task system.
- Essential for WordPress core functionality.
📂 Core WordPress Folders
These are the three main directories required for WordPress to operate:
1. wp-admin/
- Purpose: Contains files for the WordPress admin dashboard.
- Avoid editing anything here unless you’re developing custom admin functionality.
2. wp-includes/
- Purpose: Stores core WordPress functions and classes.
- This folder powers themes, plugins, and much of the WordPress engine.
3. wp-content/
- This is your playground—the only core folder you should routinely access and modify.
Inside wp-content/, you’ll find:
themes/– Installed themes.plugins/– Installed plugins.uploads/– All media uploads (images, documents, etc).mu-plugins/– Optional folder for “must-use” plugins that auto-load.
🧾 Additional Files You May Encounter in Root
Not all installations are identical. Here are some extra files that may appear in your WordPress root directory:
error_log– Generated if your server has PHP errors.php.ini,.user.ini– Used to override PHP settings.robots.txt– Controls how search engines crawl your site.sitemap.xml– Usually generated by SEO plugins for search engines.ads.txt– Used in digital advertising transparency.
🛑 Files and Folders You Should Not Delete
Do NOT delete the following:
wp-admin/wp-includes/wp-content/wp-config.php.htaccess
Deleting these can break your site completely. Always back up your site before making changes.
🔐 Best Practices for Managing Your Root Directory
- Restrict access: Use
.htaccessrules to block access to sensitive files. - Clean up unused files: Remove leftover
readme.html, install files, and error logs. - Update regularly: Keep WordPress, themes, and plugins up to date.
- Limit write permissions: Only give write access when necessary (e.g., for uploads).
- Backup regularly: Store a zip of your root directory and database before big changes.
🔄 How to View Your Root Directory in cPanel
To inspect your WordPress root structure:
- Login to your cPanel.
- Navigate to File Manager.
- Open the public_html/ folder.
- Look for the files and folders mentioned above.
💡 If your WordPress is installed in a subfolder (e.g. public_html/blog/), look inside that folder instead.
🧹 Optional: What You Can Safely Delete
Once your WordPress is installed and running, some files are optional:
| File | Can Delete? | Notes |
|---|---|---|
readme.html | ✅ Yes | Prevents version disclosure |
license.txt | ✅ Yes | Just a copy of the GPL license |
wp-config-sample.php | ✅ Yes | Only needed before install |
However, never delete .htaccess, index.php, or wp-config.php without a backup.
📦 Optional Custom Files to Add
You may choose to add your own files for security or maintenance:
.user.ini– PHP overrides.security.txt– For ethical hackers to contact you.phpinfo.php– To test PHP environment (delete afterward).
🔍 Recap of WordPress Folder Structure in Root
/public_html/
├── wp-admin/
├── wp-content/
│ ├── themes/
│ ├── plugins/
│ └── uploads/
├── wp-includes/
├── index.php
├── wp-config.php
├── .htaccess
├── wp-login.php
├── wp-cron.php
├── readme.html
├── robots.txt (optional)
└── sitemap.xml (optional)
🧭 Final Thoughts
Understanding your WordPress root directory structure is fundamental if you plan to manage your website effectively. It helps you fix problems faster, harden your site’s security, and gives you confidence when using cPanel.
Whether you’re a beginner exploring your site for the first time or an experienced developer tuning performance, knowing which files matter and which you can ignore or delete can make your WordPress journey much smoother.
The root directory structure of a cPanel hosting account
This image shows the root directory structure of a cPanel hosting account as displayed in the File Manager interface. Here’s a breakdown of what you’re seeing:
📂 Folder Breakdown:
| Folder Name | Description |
|---|---|
| etc/ | Configuration files for email and domains (e.g., email passwords, aliases). |
| logs/ | Server log files for tracking access, errors, etc. |
| mail/ | Stores mail data for email accounts associated with your domains. |
| public_ftp/ | Folder for FTP access (rarely used today). |
| public_html/ | ✅ Primary web root – this is where your WordPress site files go. |
| ssl/ | SSL certificate data, including private keys and certs. |
| tmp/ | Temporary files (e.g., web statistics, cache). |
| wordpress-backups/ | Likely created by a plugin for storing backup files. |
| access-logs/ | Logs of who accessed your site, often rotated automatically. |
| www/ | A symlink (shortcut) to public_html/. They are functionally the same. |
📌 Key Folder to Focus On:
public_html/is where your WordPress installation resides.- If you install WordPress here, your domain (e.g.,
yourdomain.com) points to it by default. - You might see folders inside like
wp-content,wp-admin, and files likeindex.php,wp-config.phponce WordPress is installed.
🔔 For more tutorials like this, consider subscribing to our blog.
📩 Do you have questions or suggestions? Leave a comment or contact us!
🏷️ Tags: WordPress files, cPanel hosting, WordPress structure, wp-config, .htaccess, wp-content, wp-admin, wp-includes, hosting root, File Manager
📢 Hashtags: #WordPressTips, #cPanelHosting, #WPConfig, #WebsiteSecurity, #WebDevelopment, #WordPressGuide, #RootDirectory, #WPFiles, #WPBeginner, #ManageWordPress
Only logged-in users can submit reports.
Discover more from HelpZone
Subscribe to get the latest posts sent to your email.
