WordPress.org

Ready to get started?Download WordPress

Forums

wp-config outside doc root? (6 posts)

  1. Timboy
    Member
    Posted 7 years ago #

    For security reasons, shouldn't wp.config.php be kept outside the document root of the web server? If so, what re-coding would need doing to point to it?

  2. moshu
    Member
    Posted 7 years ago #

    What security reasons? (Just curious...)
    Try to read this: http://wordpress.org/development/wp-config.php

  3. Timboy
    Member
    Posted 7 years ago #

    Hi, your link gave me a blank page.

    I thought it was good practice to keep any important files outside the docroot - for instance, one that contains database usernames and passwords.

    In the event of (for instance) PHP falling down on the server the page could be viewed as plain text by anyone.

  4. yosemite
    Member
    Posted 7 years ago #

    Hi, your link gave me a blank page.

    I think that was the point.

  5. Timboy
    Member
    Posted 7 years ago #

    I think that was the point.

    Yeah, I realised after I'd woken up a little!

    I found this link on the subject http://trac.wordpress.org/ticket/1038

  6. yosemite
    Member
    Posted 7 years ago #

    Good info there... Nice find.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags