Moving Your wp-config.php File

wordpress securityWith the correct file permissions and a correctly configured web server, keeping your wp-config.php file in the same public folder as the rest of your blog should be perfectly fine. But, when it comes to protecting your website, security is an onion (or Ogre apparently); the more layers, the more of it you got.

The WordPress Codex affirms this sentiment and recommends that you move your wp-config.php away from its default install location. self-hosted blogs allow you to move your wp-config.php up one level from your blog’s root. That’s all well and good, but for most web servers, one level up from your blog root is still a public_html folder. You’re best off putting it in a folder that’s not a subdirectory of your public_html or WWW folder. That way, the chances of someone reaching it via a web browser or any other HTTP application is virtually nil.


Home Privacy Policy Terms Of Use Wordpress Security - Moving Your wp-config.php File Anti Spam Policy Contact Us Affiliate Disclosure Amazon Affiliate Disclaimer DMCA Earnings Disclaimer