You know, in WordPress, the wp-config.php file is the most vital file for WordPress settings. By default, it’s located in the initial folder which is the root directory of the WordPress folder. The thing is you can move it anytime and even you can move it outside your public HTML directory so that your users can’t access it. WordPress by default can look in other directories if it doesn’t find any file in the root directory.
You can add the following code to your .htaccess file to minimize your user’s accessibility to your directory.
This is how you can secure your WordPress configuration file. Hopefully, this pro-tip was helpful. Find more Pro-tips here.