The wp-config.php file is one of the most important, hence vulnerable files on your site. It hosts crucial information and data about your whole WordPress installation. It’s technically the core of your WordPress site. If something bad happens to it, you won’t be able to use your blog normally.
One simple thing you can do is take that wp-config.php file, and simply move it one step above your WordPress root directory. Your WordPress site won’t be affected at all by this move, but hackers won’t be able to find it anymore.