Ready to get started?Download WordPress


wp-config.php File Permissions settings (5 posts)

  1. jetskiron
    Posted 2 years ago #

    My wp-config.php "permission mode" is currently set to 404, meaning that the world (public) can "Read" that file, right? Since that file has my WP database password, would it be better to set it at 400, which would remove the "Read" permission from the public?

  2. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    wp-config.php should be 600 to prevent other users on the server from reading it.

    Go through: http://codex.wordpress.org/Changing_File_Permissions

  3. jetskiron
    Posted 2 years ago #

    Thanks so much Krishna. Since I had the owner part already set to read only, would it be ok to set the file permission mode at 400?

    Just two more questions if you don't mind:
    1. When I add wp-config.php (in 404 mode) to my url in my browser, the file does not open. Why not if it's public? Is there another way for someone to read that file if the permissions were set to read, as it was before this post at 404?

    2. And if "Write" is not allowed for user/owner in 404 mode, why am I able to edit the file and upload it via ftp?

    Thanks so much.

  4. MickeyRoush
    Posted 2 years ago #

    @ jetskiron

    400 is ideal if it will work with your setup. Only you will know if your site still functions at 400.

  5. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    The permissions are explained at the link I provided. A lot more depends on your host also, because these permissions also relate to security issues. So, understand the permissions, look for the permissions at your hosts side and make your own decisions. Without seeing what your host has set for you by default/restrictions, I cannot tell you anything.

Topic Closed

This topic has been closed to new replies.

About this Topic