Hi all – Quick question about permissions/security. I have implemented the technique to post WP articles on a home page outside of the WP directory mentioned here and detailed at:
I found in another post that the person had to set the permissions of the 'wp-config.php' file to 644 to get it to work. I also found this out on my own (after struggling – I should have just searched here).
Anyway, my concern is about the security of this. It appears from some initial testing that the config file is not actually readable (at least going straight to it) in the browser. The reply was that 644 is okay, but I found others that say the default 600 is recommended.
I wanted to get your expert opinions about this to avoid any possible malicious stuff.