Protect Your WordPress WP-Config.php Via .htaccess - Hacker Proofing Your Site

Protect Your WordPress WP-Config.php Via .htaccess - Hacker Proofing Your Site | WP Learning Lab

Рет қаралды 17,608

WordPress Tutorials - WPLearningLab

Күн бұрын

Пікірлер: 46

@osvaldowesly9993 Жыл бұрын

Bjorn’s tutorials are absolutely excellent.

@wplearninglab Жыл бұрын

Thanks Osvaldo :) Much appreicated!

@balescreative3115 5 жыл бұрын

Worked great!! Thanks for all your awesome tutorials! Super awesome. Had a bit of trouble finding the file, as BlueHost wasn't showing hidden files even though the box was ticked. Found the code to work around that on YT also...and it's all good. Yes 💛 everyone sharing and helping each other. Thanks again. 👊

@wplearninglab 5 жыл бұрын

No problem, I'm happy to help :) Thanks for watching!

@infoDecor101 8 жыл бұрын

@Wp Learning Lab Very well explained Videos, Hats off to you man :) have some questions, After installing fresh install of wordpress, Under how much time should we tweak our htaccess file ? Should we first install our desired themes and security plugins or go for tweaking wordpress root files as soon as possible as shown in your security videos ? Please clarify.

@Authoratah 9 жыл бұрын

best wordpress security videos on KZbin....thanks.

@wplearninglab 9 жыл бұрын

+GManGT Thanks for your encouragement. I do my best :)

@5DPORTAL 6 жыл бұрын

Love your content, is been helping me alot with Wordpress :)

@wplearninglab 6 жыл бұрын

Thanks Ben, I'm glad to help. And thanks for watching!

@everydeal 8 жыл бұрын

Thank You very much for the quick & easy tutorial! I will recommend this on my website :-))

@fleetdreamz 6 жыл бұрын

Have a beginner question: It worked for me, tested and got the 403 error ... My question is, with so many hack attempts, I assume these 403 errors pile up in some file in my c-panel...Where would these errors go and can/how or should they ever be deleted? Thanks in advance! SUBSCRIBED!

@wplearninglab 6 жыл бұрын

First, thanks for the sub! Second, I think that's an intermediate question. If you're thinking about error logs you're well beyond beginner :) In your cPanel you should have a section called 'error logs' that will contain files with error information. There isn't really a need to clear them because they're not loaded anywhere on your site. So a big error log file doesn't hurt your load speed. If you can't find the error logs in the cPanel contact your host's support. They'll be able to point you in the right direction. I hope that helps and thanks for watching!

@imad200430 2 жыл бұрын

Hi, We are in 2022 and you great vidéo is serving me a lot so thank you so much

@jolovesnailart 9 жыл бұрын

Thank you for a very clear and understandable explanation, very helpful for a noob like me :)

@wplearninglab 9 жыл бұрын

+Jo lovesnailart You're welcome, I'm glad I could help!

@abigroman 6 жыл бұрын

Thank you! I will subscribe!

@wplearninglab 6 жыл бұрын

Sorry for the delay in responding. Thanks for the sub Drew, I really appreciate it!

@ruthl2ess 4 жыл бұрын

thank you sr.....can i also change the place of wp.config and restrict access both at the same time

@gregtdude 7 жыл бұрын

Thanks muchly Bjorn!

@wplearninglab 7 жыл бұрын

+gregtdude No problem, thanks for watching!

@alphamalenetwork3491 7 жыл бұрын

What if you have backdoors in your wp-content file and blog file. For example: blog.dir/index.php /wp-admin/includes/class-pclzip.php /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js /wp-content/plugins/contact-form-7/includes/js/scripts.js /wp-content/plugins/jetpack/_inc/postmessage.js /wp-content/plugins/post-thumbnail-editor/apps/coffee-script.js /wp-content/plugins/post-thumbnail-editor/apps/angular/angular.min.js /wp-content/plugins/post-thumbnail-editor/apps/requirejs/require.js /wp-content/plugins/post-thumbnail-editor/js-build/main.js /wp-content/plugins/so-widgets-bundle/base/js/admin.js How do you patch those up?

@wplearninglab 7 жыл бұрын

For plugins, the best way is keep them up-to-date. If you find vulnerabilities in a plugin tell the developer right away so that they can create a patch and release it to every one. I hope that helps and thanks for watching!

@alphamalenetwork3491 7 жыл бұрын

You're awesome man! Those .htaccess codes saved me a lot of time and money. Hostgator wanted me to get on Sitelock for 70 dollars a month! Can't you believe that? High way robbery. I used wordfence and blocked idiots who tried to access my logins & wp-config. Great videos.

@wplearninglab 7 жыл бұрын

+Alpha Male Network $70 per month seems a little steep, but good work for saving the $. Most people don't want to be bothered with taking a couple hours to learn this stuff and would rather spend big bucks to have someone else to do it for them. Another great service to look into is cloudflare. I haven't made a tutorial for it yet, but even their free tier provides great added security for your site. Thanks for watching!

@apsommer 7 жыл бұрын

Thank you!!!

@wplearninglab 7 жыл бұрын

+Andrew P. Sommer Anytime Andrew, thanks for watching!

@sarkarijob7931 8 жыл бұрын

Hi I got the .htaccess file now and put the code now it is taking me to 404 page,,,,but I want to know one more thing that is this security is enough for website....I have seen people hide their wp-config.php and put the in different folder do I need to do that and what more security can be put to prevent from hacking....do let me know....thanks....

@babarali4313 4 жыл бұрын

When I access wp-config.php after make changes to htaccess, it gives me 404 error. the same error is given even without adding this code

@rammos1 6 жыл бұрын

i got a 500 internal server error after i changed the htaccess file :( why?

@wplearninglab 6 жыл бұрын

Hi Rammoss, KZbin doesn't allow the pointy brackets (Shift period and Shift comma) in descriptions so make sure they match what you see in the video. But, they allow pointy brackets in comments for some reason. So copy and paste the code below. That should solve your problem: # BEGIN Protect the wp-config.php file order allow,deny deny from all # END Protect the wp-config.php file

@mr.rebarpro257 4 жыл бұрын

thanks

@sarkarijob7931 8 жыл бұрын

Hi I have checked .htaccess in file manager and I could not get it so as per your instruction I tried to create but got the error....let know what next can be done....error saying file already exist so I tried to find but did not get it...let me know..

@ReggaeWorkoutMix 8 жыл бұрын

+Sarkari Job Look for Settings at the top right corner of File Manager in cPanel and click on it. You should see this option with a checkbox: Show Hidden Files (dotfiles) ...make sure there is a tick in the box! Click save and the .htaccess file will show.

@fouadhashesh3143 4 жыл бұрын

Please I need to know the parameters for a PoC

@billfiskilis4539 2 жыл бұрын

Any updates on this?

@infoDecor101 8 жыл бұрын

Whenever i apply this code , & open my site it shows "Internal Server Error " Please help.

@itsrockitt 6 жыл бұрын

same here. I had to remove the code

@PhabOdx 5 жыл бұрын

You are the best. Please share me the .htaccess file

@fouadhashesh3143 4 жыл бұрын

What is the parameters ?

@LeenaStark 5 жыл бұрын

order allow,deny deny from all

@LeenaStark 5 жыл бұрын

@The TiK Tok Probably the most important file in your #WordPress website’s root directory is *wp-config.php* file. It contains information about your *WordPress Database* and how to connect to it. To protect your *wp-config.php* file from unauthorized access, simply add the code I have posted above to your *.htaccess* file. Hope this helps you out.

@sejarasakura 4 жыл бұрын

can i lock all .php in access

@wplearninglab 4 жыл бұрын

You can, but that cause unexpected issues because your still needs access to lots of php files. You're best bet is to restrict access to the wp-config and set proper permissions for all the other files and folders. I have a tutorial for it here: kzbin.info/www/bejne/ZmXNf4aQqbqdp7M I hope that helps, let me know if you have any further questions. Thanks for watching!