webmaster1 Posted July 4, 2010 Share Posted July 4, 2010 For Wordpress, wp-config.php sits in web root and contains sensitive information relating to databases etc. I've used .htaccess to forbid access. I've also read that I need to move the file above/below the web root. Moving it to a subdirectory doesn't really seem secure. I've tried including the details from a directory outside of (above, I think) public_html but Wordpress breaks and simply displays the included code as plain text (with all the sensitive details in plain sight mind you). Any tips? Quote Link to comment Share on other sites More sharing options...
sixserve Posted July 11, 2010 Share Posted July 11, 2010 You'll have to find where wordpress is including wp-config.php, and change it to ../wp-config.php Quote Link to comment Share on other sites More sharing options...
webmaster1 Posted July 23, 2010 Author Share Posted July 23, 2010 The included file wasn't wrapped in php tags. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.