WordPress.org

Support

Support » Miscellaneous » all the information are in the wp-config.php file, everyone can read that ???

all the information are in the wp-config.php file, everyone can read that ???

  • MyWPorg

    @mywordpressorg

    all the information are in the wp-config.php file, everyone can read that ???

    So how do you protect against someone try to read that file, it is default file for all the username, password and secure keys for the whole installation?

    Am I missing something, im new at this kind of script.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Read this article, it has some info about this issue: http://docs.appthemes.com/tutorials/secure-your-wordpress-wp-config-php-file/

    esmi

    @esmi

    Forum Moderator

    everyone can read that

    Only if they first gain direct access to your server.

    mrmist

    @mrmist

    Forum Janitor

    but imagine for a minute the shared server you’re on somehow gets hacked and the php handler gets changed to txt–you’re in trouble. It’s not very likely but you can make one of the following changes to prevent this which adds another layer of protection and gives you peace of mind

    I see what that article is trying to do, but frankly if someone has gained sufficient access to your server to mess with php handlers, you have more to worry about…

    MyWPorg

    @mywordpressorg

    Which method do you use to save guard it 1 more step?
    Move the file or modify the file in apache?

    Actually can I do both?

    If someone hack into server, then they can modify anything.

    esmi

    @esmi

    Forum Moderator

    If someone hacks into the server, there is nothing you can add via WordPress that can stop them doing anything that they want to do.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘all the information are in the wp-config.php file, everyone can read that ???’ is closed to new replies.