There are 2 ways of installing WordPress.
- Manual installation
- Easy 5 minute installation
The installation is done in 2 levels, one at the root directory and other in the subdirectory level. Directory is the place where the link for your pages is stored. When a user requests a webpage, it fetches from this directory.
If you install it in the root directory, Root directory becomes the base for the CMS. Since this is completely an open source, the data here becomes more vulnerable.
Should WordPress be installed in the Root?
In simpler terms, consider your home as an example. Root becomes your main door. Think about a gate and then your home. You are protected from unnecessary dangers and threats.
A small bug can spoil your whole project. Once your base setup is gone, you are sure to lose all of the data.
Configuration files are visible to all and hence possibilities of damage to your system. These files contain information not just about the program, but the server/system you have installed this program on. Hence it is a threat.
If you install it in the Subdirectory level, the configuration files are enclosed within a directory.This becomes a gate, where your Config files are inside a folder. Other web pages come outside the box.
Thus, we suggest you install the program in the subdirectory level and not at the root, to keep your blog, project safe and secure. If you wish to install in the root, go ahead and do, but at your own risk.