Securing the configuration file

 

As you can probably already guess, hackers find the valuable information
stored in the wp-config.php file attractive. If someone with nefarious
intent were to get your database username and password, he could log in
and undo everything that you’ve built! Therefore, take whatever steps you
can to secure that file so that no one, but you, has access to it. One quick
and easy way to do that is to disallow any bots (automated software appli-
cations that run on the Internet) access to it and to change the file permis-
sions. To do so, follow these steps: