WordPress.org

Support

Support » Plugins and Hacks » iThemes Security (formerly Better WP Security) » [Plugin: Better WP Security] CHMOD 444 on?

[Plugin: Better WP Security] CHMOD 444 on?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The problem with making index.php 444 would cause it not to get replaced when a new WordPress update is performed. wp-config.php and .htaccess shouldn’t matter, as they will usually only be updated manually.

    Actually you want to get those files as close to 400 as possible. Some say that .htaccess is more secure at 404. You could try setting wp-config.php and the root index.php to 400 and see if your site still works. If so, that would be most secure.

    On the wp-config.php, I always move it up from the public_html to Home Directory and set permissions to 400 for additional security.

    Full Security 😉

    .htaccess 404
    index.php 400
    wp-blog-header.php 400
    wp-config.php 400
    xmlrpc.php 400

    root 705
    wp-admin 701
    wp-content 705
    wp-includes 701

    🙂

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Better WP Security] CHMOD 444 on?’ is closed to new replies.
Skip to toolbar