The main core files that you need to be cautious of when it comes to WordPress is the .htcaccess and wp-config.php
.htaccess
The .htaccess file in WordPress is like a rule book for your website’s server. It tells the server how to behave in certain situations and how to handle various aspects of your website. For example, it can redirect visitors from an old page to a new one, or it can set up pretty permalinks that are more human-readable.
Think of it like a traffic director, guiding different parts of your website based on the rules you set. But be careful, just like changing traffic rules can cause confusion, making changes to the .htaccess file without knowing what you’re doing can cause your website to stop working properly.
wp-config.php
The wp-config.php file in WordPress is like the ID card of your website. It contains important information that connects your website to its database. The database is where all your website’s content, like posts, pages, and comments, are stored.
So, the wp-config.php file is crucial because it helps your website find its content in the database. Without this file, your website wouldn’t know where to look for its content, and it wouldn’t be able to function properly.
Just like you’d protect your ID card, you should also protect the wp-config.php file because it contains sensitive information. If it falls into the wrong hands, it could cause serious problems for your website