WordPress-.htaccess-保护配置文件

Posted 2021-02-25

The problem
As a WordPress user, you probably know how important the wp-config.php file is. This file contains all of the information required to access your precious database: username, password, server name and so on. Protecting the wp-config.php file is critical, so how about exploiting the power of Apache to this end?

Code explanation
.htaccess files are powerful and one of the best tools to prevent unwanted access to your files. In this code, we have simply created a rule that prevents any access to the wp-admin.php file, thus ensuring that no evil bots can access it.

Source

* 10 Easy Ways to Secure Your WordPress Blog

<files wp-config.php>
order allow,deny
deny from all
</files>