In the wp-config.php file in the main directory of my blog I openly enter the username & password of my WordPress MySQL database. What are the security considerations of this method ? If indexing of the blog directory is disabled (i.e. surfers can't just open any file they wany), am I safe ?
Can't anyone just open .../blog/wp-config.php and see the private details ?