Learn to Deny Access to Your wp-config.php File Under WordPress Installation

• 20 October 2021
• in: Uncategorized

Is your wp-config.php file secure? you’ll be able to deny access to the current file by following easy steps.

Under WordPress Installation steps to Deny Access to Your wp-config.php File

1. In the main directory of your WordPress installation You will find your wp-config.php and it is used to access the database.
2. In this file includes of your user id, password and database name in unencrypted format.
3. Though it would be a .php file and no one should ready to see its content from the browser, you shouldn’t keep it within the main folder without doing something regarding it.
4. .htaccess in WordPress is usually wont to setup custom permalink for better SEO optimization. However you’ll be able to utilize .htaccess to reduce vulnerability of your website.
5. It is sensible to update your .htaccess to deny access to it. Here, files directive will be used to deny access to sure files. This directive will be used for any file on your web site.
6. Under the www directory simply add the below code to your .htaccess present :

# to protect wp-config.php
<Files wp-config.php>
order allow,deny
deny from all
</Files>

Here “deny all” can deny the access to wp-config.php for all.