I was wondering if moving the wp-config.php file out of the WP root folder would be a good idea for added security and preventing this vital configuration file being compromised?
This is just an idea:
Insert the below code in config.php in the root folder.
<?php require( dirname( __FILE__ ) . '/../cfgnet/cfg.php' ); ?>
this refers to our main WP config.php which we have moved to say a folder named "cfgnet" and renamed the file to "cfg.php"
Since it's outside the public_html folder, it cannot be accesses by prying eyes.