Secure wp-config.php File With htaccess


Your wp-config.php file stores all of your config variables for your WordPress site. If someone has access to this file they will be able to see your database username and password.

When you first install WordPress there is a default wp-config-sample.php file which you need to rename and modify.

To keep this secure you can move this file outside of the WordPress root folder, WordPress is able to find this file one level up from the root.

Another way to secure the wp-config.php file is to use htaccess to deny access for everyone trying to access it. To use htaccess to deny access, add the following snippet in your htaccess file.

<Files wp-config.php>
 Order Allow,Deny
 Deny from all

You can even use this same technique to help protect your htaccess file, just add the following to your htaccess file to protect itself.

<Files .htaccess>  
   order allow,deny  
   deny from all  
Back to top ^

Join Paulund

  • Get access to 100s of premium tutorials and downloadable content
  • Members content consists of Premium WordPress plugins, CSS packages, jQuery packages, tutorial demo files and templates for 100s of web development tutorials
  • In-depth development tutorials
  • Priority tutorial requests
  • Priority email development support
  • No ads

Here at Paulund you'll find Web Development tutorials and snippets focusing mainly on PHP, WordPress and CSS. Members will get access to premium tutorials that go into more detail about development with these languages. You will also get access to downloadable premium content based on the tutorial.

Join Paulund

Leave a Reply

Your email address will not be published. Required fields are marked *