where to place my database configurations

[shaddf]

where can I put my db login details on a shared web server if this is my directory structure:

/home/mary/

it is on cpanel framework so etc folder,,publichtml folder  are in mary. wht is the best possible way to have them secured ?

[Jacques1]

Place it outside of the document root and make sure it's not readable by anybody but the webserver.

[shaddf]

Place it outside of the document root and make sure it's not readable by anybody but the webserver.

in my case, what is the document root here:/home/mary

on the cpanel structure?

and is that possible on shared hosting(Place it outside of the document root and make sure it's not readable by anybody but the webserver.)

[Jacques1]

I've never used CPanel, so I can't guide you through the GUI.

 

Generally speaking: The document root is the directory used by your webserver to store public files. It's probably “public_html” in your case, so you'll want to keep your database credentials out of this folder. Otherwise you risk leaking the data.

 

Setting the permissions, again, depends on your specific configuration. If you're using the Apache webserver, it probably runs under the “www-data” user. So you'd assign the credentials file to the owner and group “www-data” and set the permissions to something like 0400 (meaning: read permissions for the owner, no permissions for everybody else).

[doni49]

I'm also on a shared hosting site with cPanel.

 

My structure is :

 

/home/username/

    /public_html  <-- this is the folder that apache serves my webpages from.

    /includes      < -- I store files here (including my db credentials file) in this folder.  Then my web pages INCLUDE these files.