[Plugin: Better WP Security] CHMOD 444 on? | WordPress.org

Seymour Nuggets
(@seymour-nuggets)

11 years, 10 months ago

I’m aware that your lovely program changes the CHMOD on wp-conf and htaccess, but should I also change my index.php to 444 in the main dir?

P.S. Have you ever thought of making a GitHub account?

http://wordpress.org/extend/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)

MickeyRoush
(@mickeyroush)

11 years, 9 months ago

The problem with making index.php 444 would cause it not to get replaced when a new WordPress update is performed. wp-config.php and .htaccess shouldn’t matter, as they will usually only be updated manually.

Actually you want to get those files as close to 400 as possible. Some say that .htaccess is more secure at 404. You could try setting wp-config.php and the root index.php to 400 and see if your site still works. If so, that would be most secure.

desw
(@desw)

11 years, 4 months ago

On the wp-config.php, I always move it up from the public_html to Home Directory and set permissions to 400 for additional security.

slangji
(@slangji)

11 years, 4 months ago

Full Security 😉

.htaccess 404
index.php 400
wp-blog-header.php 400
wp-config.php 400
xmlrpc.php 400

root 705
wp-admin 701
wp-content 705
wp-includes 701

🙂

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘[Plugin: Better WP Security] CHMOD 444 on?’ is closed to new replies.

In: Plugins
3 replies
4 participants
Last reply from: slangji
Last activity: 11 years, 4 months ago
Status: not a support question