WordPress.org

Ready to get started?Download WordPress

Forums

all the information are in the wp-config.php file, everyone can read that ??? (6 posts)

  1. MyWPorg
    Member
    Posted 2 years ago #

    all the information are in the wp-config.php file, everyone can read that ???

    So how do you protect against someone try to read that file, it is default file for all the username, password and secure keys for the whole installation?

    Am I missing something, im new at this kind of script.

  2. Alain Lankers
    Member
    Posted 2 years ago #

    Read this article, it has some info about this issue: http://docs.appthemes.com/tutorials/secure-your-wordpress-wp-config-php-file/

  3. esmi
    Forum Moderator
    Posted 2 years ago #

    everyone can read that

    Only if they first gain direct access to your server.

  4. mrmist
    Forum Janitor
    Posted 2 years ago #

    but imagine for a minute the shared server you’re on somehow gets hacked and the php handler gets changed to txt–you’re in trouble. It’s not very likely but you can make one of the following changes to prevent this which adds another layer of protection and gives you peace of mind

    I see what that article is trying to do, but frankly if someone has gained sufficient access to your server to mess with php handlers, you have more to worry about...

  5. MyWPorg
    Member
    Posted 2 years ago #

    Which method do you use to save guard it 1 more step?
    Move the file or modify the file in apache?

    Actually can I do both?

    If someone hack into server, then they can modify anything.

  6. esmi
    Forum Moderator
    Posted 2 years ago #

    If someone hacks into the server, there is nothing you can add via WordPress that can stop them doing anything that they want to do.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.