There are 3 options for every file and folder in WP – Read, write and execute for User, group and world.
User is the admin right? world means public? and group I dont have any other people as admin or editor. Only me running the site.
By default, wp-login.php is set to group and world too. Does that mean people will be able to view the login page of my site? should not I uncheck world and group?
\[Imgur\]([https://imgur.com/KNcKhiU](https://imgur.com/KNcKhiU))
By default, wp-admin.php is set to Read and Execute for Group and world also. But why?
Why the world needs to see and execute wp-admin.php? Should not the user only have read, write and execute?
\[Imgur\]([https://imgur.com/x37WOCT](https://imgur.com/x37WOCT))
Similary with wp-config.php read is also there for group and world. This can be because loginizer advised to change to 0444 and I did chmod 0444 for wp-config.php.
\[Imgur\]([https://imgur.com/h5PG2mb](https://imgur.com/h5PG2mb))
Am I missing some logic here?
View Reddit by yoyobono – View Source