Secure WordPress Config file with .htaccess

Default WordPress configuration file which is also known as wp-config.php is an important file for your WP installation. It holds sensitive information of your site including the database, it’s users name and password. Needless to say that protecting this file from unauthorized access is one of the most important part to ensure the security of your WP based website.

WordPress SecuritySecuring WordPress with .htaccess.

One way to increase the security of your wp-config.php file could be using .htaccess file and denying all the external access to this file using the following lines.

All you have to is to download the .htaccess (if your server supports it) file on your computer and open it up with your HTML editor. Then simply copy the following lines and paste it at the very beginning of your .htaccess file. Save the file and upload it back to your server.

<files wp-config.php>
order allow,deny
deny from all
</files>

Another important thing that you can do is to change the file permission for .htaccess from your FTP client software (i.e. FileZilla). Once the file is uploaded to your FTP server simply press the right button of your mouse and select the “File Permission” option. “Change the file attribute”

Today In History

  •  
  •  

Comment

Leave a Reply

Note: Convet HTML, PHP, JavaScripts from Postable, before posting from comment section.
License: By submitting a comment here you grant this site a perpetual license to reproduce your words and name/Web site in attribution. Please use your real name or a pseudonym (i.e., pen name, alias, nom de plume) when commenting. If you add your site name, company name, or something completely random, I'll likely change it to whatever I want.