Securing the configuration file

1. Log in to your Web server via FTP, and then locate and open the
.htaccess file to edit it.
See Chapter 2 of this minibook for information on File Transfer
Protocol (FTP).
Most FTP programs allow you to open and edit a file on the server by
right-clicking the filename and choosing Edit. This opens the file in the
default text editor on your computer (either Notepad for Windows or
TextMate for Mac).
2. Add the Deny from all code to the top of the .htaccess file.
This secures the file from being seen by any bots or search engines
on the Web:
<Files wp-config.php>
Order Allow,Deny
Deny from all
</Files>
3. Save the new .htaccess file and upload it to your Web server.
Your wp-config.php file is hidden from any outside bots or
search engines.
4. Change file permission (chmod) on wp-config.php to 640.

Advertisements
Securing the configuration file

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s