login and password are clear in wp-config.php?

  • Hello

    I appologize if the question has already been asked but I made some search before and didn’t found any answers.

    I’ve succesufully installed and setup wordpress on my provider’s web space. It is working fine. However, I have a security concern: The login and passord of the mysql base clearly appear inside the file wp-config.php.

    define(‘DB_NAME’, ‘NAME’); // The name of the database
    define(‘DB_USER’, ‘USERLOGIN’); // Your MySQL username
    define(‘DB_PASSWORD’, ‘PASSWORD’); // …and password

    So basically with any webcopier software, anyone can get the name and password.

    Did I miss something in the installation process? Please tell me how to secure this. Thanks

Viewing 2 replies - 1 through 2 (of 2 total)

  • If they attempt to access the file, it runs, since it doesn’t return anything, they wouldn’t see anything. It would have to be actualy downloaded first. Assuming you haven’t given out your FTP access info, shouldn’t be a problem.

    Tg

    Thread Starter chrisdigo

    (@chrisdigo)

    TechGnome, thanks for your quick and precise clarification. :o)

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘login and password are clear in wp-config.php?’ is closed to new replies.