hi! i just got WP up and running following the wiki instructions. right now, wp-config.php is set to 644 root:root. as you know, this file contains the mysql dbase username:password. when i was installing WP, the wiki instructions had me grant all privileges to the dbase to the user in the world readable file wp-config.php.
i dont have any local users on this box, but as you could imagine, having a world readable file with the credentials of a privileged dbase user doesnt make me feel comfortable. i think chowning the file to the apache user and the chmod 640 would do the trick, but i was wondering if there might be any problems in doing this or was there something i missed in the wiki? sorry if i overlooked something. thanks!
- The topic ‘file permissions on wp-config.php?’ is closed to new replies.