Connect with us

Move Username and Password Outside of WP Web Tree

solution

Move Username and Password Outside of WP Web Tree

WordPress, like many other CMS’s, stores MySQL username and password in a configuration file, in WP case, wp-config.php.

Although WP PHP code is interpreted at the server, the user name/password combination is unlikely to be shown in a web browser. But it really not wise to store the combination in a publicly accessible place. Should the server stop interpreting PHP for some reasons, the combination would be available in plain view and readable by the world.

This TIP will show how to move the username/password combination to a secure place outside of your web tree.

Precaution: This is a serious attempt and it may cause your web site stop working. You MUST know what you are doing and proceed at your own risk.

Let Assume:
Your site root is /home/yoursite.com/
Your web root is /home/yoursite.com/public_html

Create a folder outside your web root
Use SSH/Cpanel create a folder called /home/yoursite.com/securedata
(you can name it to whatever you like)

Create a php file using a text editor, such as wordpad or notepad.

Fill in your mysql information in the file

<?php
$db_user   = “db username”;   //database username here
$db_passwd = “db password”;  //database password here
$db_name   = “db name”;    //your database name here
$db_host   = “db host”; //usually localhost
?>

Save it as wp-auth.php and upload it to /home/yoursite.com/securedata

WARNING: Please make sure there is NO white space after ?> You might have a “blank page” or not able to log into your system, if there were a whitespace.

Now, we need to modify wp-config.php file

As always, back up wp-config.php file first, in case that something goes wrong, you can always replace the modified file with the original.

READ  How to Create Tables in WordPress with a Plugin?

Add the following line in the top of wp-config.php file
include (“/home/yoursite.com/securedata/wp-auth.php”);

modify the following setting in wp-config.php file

// ** MySQL settings – You can get this info from your web host ** //
/** The name of the database for WordPress */
define(‘DB_NAME’, $db_name);

/** MySQL database username */
define(‘DB_USER’, $db_user);

/** MySQL database password */
define(‘DB_PASSWORD’, $db_passwd);

/** MySQL hostname */
define(‘DB_HOST’, $db_host);

Make sure there are NO quotes around $db_user, $db_passwd, $db_name, $db_host.

Save the file and test. If your WordPress website continues to function, congratulations!

Continue Reading
You may also like...

We are a WordPress plugin developer company that focuses on useful WordPress plugin creation and empowering people to earn passive incomes from their blogs. We build unique and groundbreaking plugins that will revolutionize your blog!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in solution

    Sign up for our newsletter and get a free affiliate e-book!


    About Me:

    Teodor Coste

    Hi, my name is Szabi and I'm documenting my journey selling plugins on CodeCanyon. I will show you every step of it: learning to code, plugin ideas, WordPress stuff and more. Read more…

    Mega Plugin Bundle:

    CodeCanyon Portfolio:

    Learn to Code Plugins:

    Latest Promotions:

    Recommended Theme:

    Start Your Own Blog:

    Recommended VPN:

    Translate Your Blog:

    AdSense Alternative:

    Best Article Spinner:

    Popular Posts:

    Latest Posts:

    To Top

    Privacy Preference Center

        Necessary

        Advertising

        Analytics

        Other