Wordpress and other CMS Are easily hacked by SYMLINK We have already protected the server from SYMLINK Protection But as an Additional Security you need to protect your wp-config.php to avoid such attacks

Change the wp-config.php file permission to 400 (Means only the user can read the file and other groups or users can't able to read it)

Add the below line :

Options -Indexes

To your .htaccess file

we recommend you to do this permission 0400 for all your configuration files !
Was this answer helpful? 0 Users Found This Useful (0 Votes)