Divi WordPress Theme
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Reply To: Is a request with wp-config.php in the query string ever legit ?

Discussion in 'Misc WordPress Requests' started by catacaustic, Feb 25, 2018.

  1. catacaustic

    Guest

    Reply To: Is a request with wp-config.php in the query string ever legit ?, by catacaustic

    You are right, all of those are hacker scritps looking for known vunerabilities to download your config file.

    WordPress doesn’t do a public call over http to the config file. It uses PHP’s internal require_once() function, and that is only done on the file system. Anything that’s called over http should never include that file like that.

    Reply To: Is a request with wp-config.php in the query string ever legit ?
     
    #1

Share This Page

Monarch Social Sharing Plugin