Secure Config PHP file

July 21, 2021

WordPress Security Secure Config PHP file

Video Transcript

One of the most important files that make up your WordPress site is your WP dash config dot php file. You see it contains a lot of important details about your site and the database that stores much of the contents of your site.

So this makes your WP dash config dot php file a major target for hackers wanting to gain access to your site. Now, like with other hacking targets and methods we’ve covered so far in previous lessons, that typical hacker knows the default location of your WordPress files, and goes there to begin their hacking process.

And it’s worth mentioning that this is not one of the best security steps, and some have good arguments that it is not effective to stopping a top tier hacker. And that’s likely true. But if a top tier hacker wants into your site, then there’s little that you can do to stop them. That’s why you do regular backups so that you can remove the hacker and all their damage and use your fresh back up to get back in business. Now what we’re focusing on in many of these security related classes are the many other not so smart hackers or bots.

And these are the ones that will quickly move on to the next site whenever they run into the slightest turtle. And in this class, I will just show you how we can quickly and easily keep these hackers from getting to your WP dash config dot php file, we move it, let’s go and log into our control panel. In my case, it’s going to be cPanel and go to the File Manager where our WordPress files are located. And just before we get there, I just want to show you that the site is currently working, go ahead and refresh because we are moving some files in that can sometimes cause issues. I’m logged into the admin area here, go and refresh this.

Yep, we’re good. Okay, so hopefully we get the same results after we’re done. Spoiler alert, we will. So I’m in my cPanel control panel, we’ll go into our file manager. And wherever your WordPress sites root directory is, that’s where you want to head to, in my case, it’s public underscore HTML. And if we click on that, he know that you’re in your site’s root directory, we’ve got at least these three folders and a bunch of other files. And what we’re looking for is a WP dash config dot php, not the one that says sample the WP dash config dot php, and quite simply, we just selected I’m going to left click hold and drag this up here to the area where the little house is at. And believe it or not, WordPress is still going to be able to find it.

But the hackers want at least ways those not so smart hackers and those bots. So let’s come on back to our site, do a quick refresh. And we’re good still up and running. And likewise with the homepage. We’re still good. And that’s gonna bring us to the end of this class on securing your WordPress site by moving your WP dash config dot php file. Thanks for checking it out and you have a great day.

Previous Lesson

Back to Course

Next Lesson

Secure Config PHP file

Lessons in This Course

Why Hack My Site?

Computer Security

Secure Hosting

Managed Hosting

Secure Auto Install Using cPanel

Secure Manual Install Using cPanel

Monitor Site – Uptime

Backup Plugins

Manual Backup

Security for PHP

Remove User 1

Username Trickery

Hide Admin Username

Hide Any Username

Hide Database Prefix – Method 1

Hide Database Prefix – Method 2

Replace Security Keys – aka Salts

Secure Config PHP file

Customize Log-in Error Message

Brute Force Attacks and Solutions

Remove WordPress Version Number

Has Your Site Been Hacked?

Hacked Site Cleanup

What to do After Cleanup

Site Health Tool

The Good and Bad of Plugins and Themes