#WordPress Security Tip – Secure Your wp-config.php

If you choose to leave your wp-config.php file in the default location, add these lines to your .htaccess file

<files wp-config.php>
order allow,deny
deny from all
</files>

This will prevent your wp-config.php file from being accessed by a client.

Make sure to put it outside the # BEGIN WordPress and # END WordPress tags to ensure that when configuring WordPress it’s not changed.

This entry was posted in Wordpress. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *