Good Practice for Securing the WordPress wp-config.php File
Without diving into the arguments for and against moving the wp-config.php file as a security precaution, if you do decide to secure the file, here’s one way of doing it that draws on an earlier suggestion about enabling PHP code to adapt to different server storage architectures.