Delete wp-config.php or leave?

  • Since wp-config.php has the MySQL username/password should this file be deleted? It is web accessible if left where it is correct?

Viewing 2 replies - 16 through 17 (of 17 total)

  • I stumbled across this thread while researching security for wp-config. I know it’s a pretty old thread, now, but I’m sure that there are lots of other new WP users who are wondering whether it is safe to leave the wp-config.php file where it is. So, after some research I have concluded that:

    NO, you cannot delete wp-config.php without screwing up your entire blog
    YES, leaving it there does present a security risk

    For a solution I recommend this article, which details several methods for protecting wp-config WITHOUT deleting it. Hope someone finds this helpful!
    Rach

    Just don’t leave the “configured” wp-config file on your computer – else some prying “eyes” may see it. ;-]

Viewing 2 replies - 16 through 17 (of 17 total)
  • The topic ‘Delete wp-config.php or leave?’ is closed to new replies.