typo
ethicalhack3r
@@ -16,7 +16,7 @@ WordPress used to set the 'admin' username by default on all installations. In r
|
|||||||
|
|
||||||
Through experience we've found that WordPress plugins are normally the weakest link in a WordPress blog's security. Many plugins are susceptible to Cross-Site Scripting (XSS), SQL Injection and other attacks. By keeping plugin installations to a minimum you reduce the attack surface.
|
Through experience we've found that WordPress plugins are normally the weakest link in a WordPress blog's security. Many plugins are susceptible to Cross-Site Scripting (XSS), SQL Injection and other attacks. By keeping plugin installations to a minimum you reduce the attack surface.
|
||||||
|
|
||||||
**5. Move the wp_config.php file one directory up, outside of the web root directory.**
|
**5. Move the wp-config.php file one directory up, outside of the web root directory.**
|
||||||
|
|
||||||
WordPress will look inside the web root directory for the wp-config.php file as well as within the directory above it. This will help in minimising the file being exposed to the Internet.
|
WordPress will look inside the web root directory for the wp-config.php file as well as within the directory above it. This will help in minimising the file being exposed to the Internet.
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user