phpFNGo Posted September 14, 2020 Share Posted September 14, 2020 Hey all, I'm sure this is a really basic question but I'd like a definite answer. I've been watching a tutorial and seeing some site references regarding connecting to a sql database using php. Since it contains a password to the database, my question is, how secure is this page on a webserver, or does it not even matter since the code is so specific to the website and the database it is connecting to. Thank you in advance. Chris Quote Link to comment Share on other sites More sharing options...
requinix Posted September 14, 2020 Share Posted September 14, 2020 Short answer: it's safe. Longer answer: it's as safe as any other PHP file on your server. It's a common practice to put this script, or at least a script that defines variables/constants with database credentials, in a PHP file that is not located inside the web root (eg, outside of your public_html or www or whatever directory that your site is based in) because if it's not an actual page then it really shouldn't be in the root; this practice is easy to achieve when you get larger sites that have a single public_html/index.php that runs an "application" or some similar concept whose files are all outside the root. 2 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.