Originally published at: How to Scan for Files That Should Not Be In Your WordPress Install - MainWP WordPress Management
Backup files such as MySQL dumps, and wp-config.php backup files should not be stored in your WordPress install’s public_html (root folder). It’s important to note that the backup wp-config.php file can provide an easy way for a site attacker to find the database credentials. These credentials can then be used to directly connect to your…
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.