How to secure config.php file

marcyslen

Member
Joined
Jul 9, 2016
Messages
48
Points
8
I saw config.php file in my web root, i am not sure it can be viewed by someone or not, is there a way to secure this file on my hosting?
 

energizedit

Well-known member
Registered
Joined
Dec 13, 2016
Messages
259
Points
18
Most likely it can not be "read" by anyone other than you. But you can change the permissions using the cPanel File Manager, change the permissions to Owner read and everything else as no permissions (Group and Everyone would have no permissions)

You will want to make sure that whatever software (eg. Wordpress) you have installed can still read the config.php file though.
 

marcyslen

Member
Joined
Jul 9, 2016
Messages
48
Points
8
Most likely it can not be "read" by anyone other than you. But you can change the permissions using the cPanel File Manager, change the permissions to Owner read and everything else as no permissions (Group and Everyone would have no permissions)
How to change the permissions for my files in cPanel? I leave default setting when uploaded my files to my host. What permission should I set for each file?

You will want to make sure that whatever software (eg. Wordpress) you have installed can still read the config.php file though.
I want to have several ways to protect my config.php file on my WP sites, I read Wordpress sites could be hacked in different ways.
 

UH-Peter

[email protected]
Hosting Provider
Registered
Joined
Dec 4, 2016
Messages
120
Points
18
You can change the permissions for files through the cPanel File Manager or in your preferred FTP program. In File Manager, locate the file you wish to change the permissions for. Next, right click and select Change Permissions from the menu (or select the icon near the top of the screen).

PL_fix_Selection_19.jpg
PL_fix_Selection_20.png

This will bring up the Change Permissions window where you can adjust the settings as needed by checking the box by each permission you want for each level of access (User, Group and World).

PL_fix_Selection_21.png

Once you are finished editing your file permissions, click the "Change Permissions" button.

Keep in mind that you should only change file permissions if needed. You want to make sure that you aren't allowing more access to your files than is necessary, since that can leave your website vulnerable.

Incorrect file permissions can cause errors or even worse, allow unauthorized users to hack your site. Remember that 777 permissions means that your file is readable, writeable and executable by the "world". This is not common, as it is a rare situation where a file needs to be written and executed by the "world." If you find files or folders with permissions that do not match the default permissons, it's usually best to change them to the recommended permissions.
 
Older Threads
Replies
6
Views
3,475
Replies
5
Views
2,625
jwn
Replies
7
Views
7,379
Replies
14
Views
6,284
Newer Threads
Replies
10
Views
3,679
Replies
5
Views
2,059
Replies
4
Views
2,245
Replies
4
Views
2,190

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top