Improve WordPress Security by Moving the wp-config.php File

Improve WordPress Security by Moving the wp-config.php File

Here’s a quick security tip that will make it nearly impossible for anyone to access your wp-config.php file. Simply move it one directory above your WordPress root.

Example:

Default wp-config.php file location:

public_html/wordpress/wp-config.php

Move it here:

public_html/wp-config.php

Source: For more WordPress security tips, check out the slides from Brad Williams’ WordPress Security presentation at WordCamp Boston 2010.