Another way to secure your wp-config.php and .htaccess files by setting up specific permissions on these files using chmod function. This makes your WordPress blog a lot more secure then ever. Setting the permissions on such files (wp-config.php and .htaccess) is good idea, because these are very sensitive containing your database information (like username, password and database name).
What is chmod function?
It is simple function to let you set permission (for users, groups, and public) on files and folders. You can set the permissions on writing, reading and executing for users, groups and public. Let’s see a complete pack of permissions what this function can provide us. Before we began take a look on to following chart:
Write = w
Read = r
Execute = x
7 4 4 user group world r+w+x r r 4+2+1 4+0+0 4+0+0 = 744
|0477||-r–rwxrwx||owner has read only (4), other and group has rwx (7)|
|0677||-rw-rwxrwx||owner has rw only(6), other and group has rwx (7)|
|0444||-r–r–r–||all have read only (4)|
|0666||-rw-rw-rw-||all have rw only (6)|
|0400||-r——–||owner has read only(4), group and others have no permission(0)|
|0600||-rw——-||owner has rw only, group and others have no permission|
|0470||-r–rwx—||owner has read only, group has rwx, others have no permission|
|0407||-r—–rwx||owner has read only, other has rwx, group has no permission|
|0670||-rw-rwx—||owner has rw only, group has rwx, others have no permission|
|0607||-rw—-rwx||owner has rw only, group has no permission and others have rwx|
Hint: Take into account never use 777. Changing File Permissions in WordPress.
Secure wp-config.php and .htaccess Files Using “Chmod”
Setting Permissions for wp-config.php File
1. Login to your cPanel using FileZilla or any other ftp client software.
2. Goto public_html > yourdomain folder.
3. There right click the file wp-config.php > file permissions…
4. For wp-config.php file the chmod should be 400, this mean the only users (admins) can read this file rather than modifying, and executing.
Setting Permissions for .htaccess File
1. Do the same as like wp-config.php file.
2. Set the permissions for .htaccess file 644 which is normally recommended for it.
All we’ve done. Have a Good day