moving config file out of public html file in joomla

Below are instructions to move the configeration.php file out of the public_html folder. The code they use show how to move the configuration one folder up.

I have my joomla installation in a joomla folder inside the public html folder. Therefore, I have to move two folders up. What is the code I need to add to the two designated spots to do that? I want the file in a folder called "security".

Step 1 :  Move configuration.php to a safe directory outside of public_html.

Step 2: You will have to modify the /includes/defines.php and /administrator/includes/defines.php files, more precisely, this constant:

If, for example you wish to move the file up one level and into a folder named "test" the constant will look like this:
define( 'JPATH_CONFIGURATION', JPATH_ROOT.DS.'..'.DS.'test' );

Step 3: Make sure the configuration.php is not writable at all, so that it can not be overridden by com_config.

Step 4: If you need to change configuration settings, do it manually in the relocated configuration.php
Who is Participating?
Jesse MatlockUX EngineerCommented:
If you have any type of reasonable security on your hosting platform, this is unnecessary. We use high end VPS servers with excellent security and never have a problem running dozens of joomla sites. Even with going to these extreme efforts, if you lapse updating when a security fix comes out.. you're just as vulnerable.

So, my recommendation - ensure your server is a secured platform. Stay on top of Joomla updates.

I personally get alerted to security breaches on our servers and there are dozens of attempts every single day.. sometimes hundreds. Not only does the configuration of our server ensure they 'don't get in' we also add repeating IPs to a blacklist.

Who do you host with currently?
Jesse MatlockUX EngineerCommented:
why would you want to go through this trouble. On a secure server there is very little, if any chance (unless vulnerability already exists in the code) to compromise your site.
So what is ur goal ? WHy u are moving the config file?

Anyway it is advisable to take a backup of ur site daily using cron ,if u concern abt the viruses.

For ur question ,please check this threads

Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

Praveen ValluriCommented:
moving confgiuration file will not  let your joomla to work any more
you can rename the joomla folder and change it inside your configuration.php file.
Then you copy the contents of your security folder here
wingcatAuthor Commented:
The reason I want to move it is because I recently installed RS Firewall and it's one items on a list that enhances the security of the site. They also suggest moving the log and temporary folders to a 'security' folder outside of the public html and redirecting it in joomla/global configuration.

Or is this not such a big deal?

wingcatAuthor Commented:
wingcatAuthor Commented:
I am just using normal linux hosting. That is why this may be a concern for me.
Jesse MatlockUX EngineerCommented:
Check into Liquid Web. We have used everyone from the cheap (bluehost) to the expensive (rackspace, mosso, etc) and have found Liquid Webs VPS the best value and most secure of them all. Hands down. And most importantly, their support is excellent. They also offer less expensive hosting than the VPS offerings, but on similar servers.

Check them out here:
(this is my referral link, if you like them, get back to me and I will find a coupon code for you as well)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.