The wp-config.php file is the file that shows the blog database with username, password. If any hackers can read this file and get all the information, they can mess up the database if they want to. I found this on the website and hope it does work with our WordPress. Edit “.htaccess” of the blog root and resave – set the permission to 444.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /family/
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /family/index.php [L]
</IfModule># END WordPress
# protect the htaccess file
<files .htaccess>
order allow,deny
deny from all
</files>
# disable the server signature
ServerSignature Off
# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>
3 Comments
This is a great tip especially to those fresh to the blogosphere.
Short but very precise info… Appreciate your sharing this one.
A must read post!