Improve WordPress Security by Moving the wp-config.php File
Sarah Gooding   – October 12, 2012
7 Comments

Improve WordPress Security by Moving the wp-config.php File

Here’s a quick security tip that will make it nearly impossible for anyone to access your wp-config.php file. Simply move it one directory above your WordPress root.

Example:

Default wp-config.php file location:

public_html/wordpress/wp-config.php

Move it here:

FREE EBOOK
Your step-by-step roadmap to a profitable web dev business. From landing more clients to scaling like crazy.

By downloading this ebook I consent to occasionally receive emails from WPMU DEV.
We keep your email 100% private and do not spam.

FREE EBOOK
Plan, build, and launch your next WP site without a hitch. Our checklist makes the process easy and repeatable.

By downloading this ebook I consent to occasionally receive emails from WPMU DEV.
We keep your email 100% private and do not spam.

public_html/wp-config.php

Source: For more WordPress security tips, check out the slides from Brad Williams’ WordPress Security presentation at WordCamp Boston 2010.

Tags: