© 2021 www.richardwalz.com
Richard Walz
All rights reserved.

Improving Security for the “wp-config.php” file

The “WP-CONFIG.PHP” file is very important as it contains all credentials and database information to connect to your database.  If attackers can access or view this information they can perform all sorts of unwanted actions on your wordpress website and possibly to other systems on the same host.

You can quickly increase the security of your “wp-config.php” file by moving it up 1 level.  WordPress is aware of this automatically, there is no need to make any other changes.

Place your “wp-config.php” file up 1 directory level for added security protection.  Mine for example is sitting in my root folder now (circled in red).  This makes it harder for someone to get access to.  The file was originally sitting in the “public_html” folder (circled in purple).  Depending on how your host or sever is setup the directory called “public_html” may be named different, but that doesn’t matter the security function still works.

The other great benefit of doing this is that WordPress is aware of this and you do not need to make any configuration changes.  It is a seamless security improvement!