How to Protect WordPress wp-config.php with .htaccess

Posted by Lasantha Bandara File Under : security, wordpress 0 Comment

WordPress is the most popular content management system (CMS) in today. Over 60 million people have chosen WordPress to create their websites or blogs. With this popularity of WordPress, some people try to attack WP websites for whatever reason they see fit. WordPress configuration file (wp-config.php) is the main configuration file in your WordPress website. It includes your database username/passwords and many site settings.

In this quick tutorial, I am going to explain how to project your wp-config file using .htaccess.

Note: Before editing .htaccess file, please get a backup of it.

Now go to your site "public_html" folder and open .htaccess file for editing.

Protect wp-config file using htaccess

Add this code to into .htaccess and save it.

# to protect wp-config.php
<Files wp-config.php>
	Order Allow,Deny
	Deny from all
</Files>

You are done!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.