WordPress - .htaccess - protect config file

/ Published in: Apache
Save to your folder(s)

The problem
As a WordPress user, you probably know how important the wp-config.php file is. This file contains all of the information required to access your precious database: username, password, server name and so on. Protecting the wp-config.php file is critical, so how about exploiting the power of Apache to this end?

Code explanation
.htaccess files are powerful and one of the best tools to prevent unwanted access to your files. In this code, we have simply created a rule that prevents any access to the wp-admin.php file, thus ensuring that no evil bots can access it.


* 10 Easy Ways to Secure Your WordPress Blog

Copy this code and paste it in your HTML
  1. <files wp-config.php>
  2. order allow,deny
  3. deny from all
  4. </files>

Report this snippet


RSS Icon Subscribe to comments

You need to login to post a comment.