HOW TO PROTECT CONFIG.PHP FILE IN YOUR WORDPRESS SITE? [STEP BY STEP]☑️
Today in this tutorial you will learn how to secure your WordPress site with config.php.
Secure the wp-config.php File in your WordPress site
The configuration is vulnerable to attacks making it imperative to secure it. One way of doing it is by changing its location so that hackers can’t find it in its default location. Although some developers may oppose this, there are plenty who think it’s a good idea. Take a look at this discussion.
Another security measure that you can take is to restrict file permission. Set the file permissions to 600 so that only true owners can edit the wp-config file. To change the file permission of wp-config, select the file and then choose the option ‘Permission’.
Follow the steps given below to change the file permission of config.php file:
Step::1 Login to your cPanel
Step::2 Open File Manager
Step::3 Go inside public_html
Step::4 Go to the path where you have installed WordPress
Step::5 Now look for wp-config.php
Step::6 Change the file permission to 0600
And then you need to include the following lines in the .htaccess file to prevent hackers from loading the wp-config file directly from the browser.
# protect wpconfig.php
deny from all
These lines basically block access to your wp-config.php from internal hacking and code modification thus securing wp-config.php file.
Thus, these were some of the methods to secure wp-config.php file which in-turn would secure your WordPress website. As a WordPress admin, you must ensure that your wp-config.php is configured in the above-mentioned steps and let your users also be aware of the best security practices for their organization’s website.
Follow the methods mentioned in this tutorial to protect the wp-config.php File in your wordpress site.
If you enjoyed this tutorial, please consider following us on Facebook and Twitter.