wp-config.php file is one of the most important file in WordPress root directory. It contains the database details and connection details like username and password. So protecting your wp-config.php file from unauthorized access is a good idea. In-order to protect your wp-config.php file from unauthorized access, simply add this code to your .htaccess file.
<Files wp-config.php> order allow,deny deny from all </Files>