WordPress.org

Resolved janyx
(@janyx)

3 months, 1 week ago

I want to ask if you set the privileges for wp-config.php to 600 or 400, or leave the default at 644.
I have my own hosting, so I leave it at 644 and the directories at 755.

Viewing 6 replies - 1 through 6 (of 6 total)

Lina Asenova
(@linaasenova)

3 months, 1 week ago

600 is the most secure setting, allowing only the file owner to read and write. 644 is the default setting, which allows the file owner to read and write while making it also readable for others.

Since you have your own hosting, leaving it at 644 works. However, if you’re looking for better security and have full control over the server, 600 is safer.

threadi
(@threadi)

3 months, 1 week ago

See also: https://developer.wordpress.org/advanced-administration/server/file-permissions/

Thread Starter janyx
(@janyx)

3 months, 1 week ago

I’ve never dealt with this, but it would be safer to set the value to 400

threadi
(@threadi)

3 months, 1 week ago

Remember: there are also plugins that write to the file. E.g. to store license codes or hashes. Some also need to be updated from time to time. 400 would prevent this, which would make it impossible to use some plugins. Or you would have additional manual work.

Thread Starter janyx
(@janyx)

3 months, 1 week ago

OK, I’ll use 600. 🙂

Moderator Samuel Wood (Otto)
(@otto42)

WordPress.org Admin

3 months, 1 week ago

Basically, the lowest number that works is probably better. 😀

Viewing 6 replies - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

In: Everything else WordPress
6 replies
4 participants
Last reply from: Samuel Wood (Otto)
Last activity: 3 months, 1 week ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics