Wp-config.php is a very important file. This configuration file contains the login information for your WordPress database as well as other important maintenance settings. It is therefore advisable to disable access to it.
To protect it, use the following code in your .htaccess file
<files wp-config.php> order allow,deny deny from all </files>