From 1c8b62ddaf06fc05c2835075690012428d5e2982 Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Tue, 17 Jul 2012 13:09:55 -0700 Subject: [PATCH] typo --- WordPress-Security-Tips.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WordPress-Security-Tips.md b/WordPress-Security-Tips.md index 631d47d..cf65f92 100644 --- a/WordPress-Security-Tips.md +++ b/WordPress-Security-Tips.md @@ -16,7 +16,7 @@ WordPress used to set the 'admin' username by default on all installations. In r Through experience we've found that WordPress plugins are normally the weakest link in a WordPress blog's security. Many plugins are susceptible to Cross-Site Scripting (XSS), SQL Injection and other attacks. By keeping plugin installations to a minimum you reduce the attack surface. -**5. Move the wp_config.php file one directory up, outside of the web root directory.** +**5. Move the wp-config.php file one directory up, outside of the web root directory.** WordPress will look inside the web root directory for the wp-config.php file as well as within the directory above it. This will help in minimising the file being exposed to the Internet.