shaddf 0 Posted October 25, 2015 where can I put my db login details on a shared web server if this is my directory structure: /home/mary/ it is on cpanel framework so etc folder,,publichtml folder are in mary. wht is the best possible way to have them secured ? Quote Share this post Link to post Share on other sites
Jacques1 628 Posted October 25, 2015 Place it outside of the document root and make sure it's not readable by anybody but the webserver. Quote Share this post Link to post Share on other sites
shaddf 0 Posted October 29, 2015 Place it outside of the document root and make sure it's not readable by anybody but the webserver. in my case, what is the document root here:/home/mary on the cpanel structure? and is that possible on shared hosting(Place it outside of the document root and make sure it's not readable by anybody but the webserver.) Quote Share this post Link to post Share on other sites
Jacques1 628 Posted October 29, 2015 I've never used CPanel, so I can't guide you through the GUI. Generally speaking: The document root is the directory used by your webserver to store public files. It's probably “public_html” in your case, so you'll want to keep your database credentials out of this folder. Otherwise you risk leaking the data. Setting the permissions, again, depends on your specific configuration. If you're using the Apache webserver, it probably runs under the “www-data” user. So you'd assign the credentials file to the owner and group “www-data” and set the permissions to something like 0400 (meaning: read permissions for the owner, no permissions for everybody else). Quote Share this post Link to post Share on other sites
doni49 0 Posted December 16, 2015 I'm also on a shared hosting site with cPanel. My structure is : /home/username/ /public_html <-- this is the folder that apache serves my webpages from. /includes < -- I store files here (including my db credentials file) in this folder. Then my web pages INCLUDE these files. Quote Share this post Link to post Share on other sites