Publicly accessible config, backup, or log file found: .wp-config.php

  • Resolved jess888

    (@jess888)


    3 years, 3 months ago

    WF Premium member

    Getting this error in my WF scan:
    Publicly accessible config, backup, or log file found: .wp-config.php.swp
    Type: Publicly Accessible Config/Backup/Log

    Here is what I have in .htaccess:

    # BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
# Wordfence WAF
<Files ".user.ini">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>
<Files php.ini>
    Order allow,deny
    Deny from all
</Files>
# END Wordfence WAF

    I would love your assistance; thank you.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Did you try clicking the ‘hide file’ button on the scan result? You absolutely shouldn’t have any wp-config.php file world visible, even if it is a backup copy.

    Tim

    Thread Starter jess888

    (@jess888)

    It worked; thank you so much. I thought that Hide File meant Ignore; my mistake.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Publicly accessible config, backup, or log file found: .wp-config.php’ is closed to new replies.