Categories
Security Wordpress

Protect your wp-config.php

You can protect your wp-config.php in WordPress if you have access and your server support .htaccess.

Just make a little addition to your .htaccess as following:

<File wp-config.php>
order allow, deny
deny from all
</File>

Malicious people will have an harder life in order to get hold of your wp-config.php file, which contains really sensitive information.

Try this out on a test installation first just to avoid funny surprises in case you have some sort of special configuration.