Hi claudel,
I implemented the solution you linked to in your first post:
https://www.sonic.net/support/faq/advanced/phpwrap/
It’s really easy to do, and works well. I’ve now got a config file that is private. Yes, the whole thing runs as me instead of ‘nobody’, but I think that’s better than having my credentials exposed.
You do need to wrap all the PHP scripts in the wordpress directory, because any of them may access the config file. It’s the entry point that defines which user the code runs as, so you can’t just wrap wp-config.php alone.
No other files need to be wrapped, however. If you follow the instructions at the above link, you’ll get the desired result.
I only did one thing differently: wp-config.php is the only file I care about, so it’s the only one I changed permissions for. It’s set to -rw——- (600), while the rest are still set to -rw-r–r– (644).
Good luck!
Alex
