kaliok Posted July 3, 2007 Share Posted July 3, 2007 I was hoping someone could advise me on how to protect my config.inc file. I have a config file with username, password, etc info in it, that I have placed outside of the web directory. I am using a shared hosting package. I have read that because this is on a shared host that there are potential security risks. From what I have read the way to stop this from being a potential security risk is to use: SetEnv DB_USER "myuser" SetEnv DB_PASS "mypass" But in order to do this I would need to put an include to the file containing the above data in httpd.conf. The host I am using does not allow access to the httpd.conf. I thought about putting these in the htaccess file but it appears that this still has a potential to be unsafe. Is there another way to protect the config information from prying eyes or to set the Environmental variables and access them in a different place. Link to comment https://forums.phpfreaks.com/topic/58237-php-and-mysql-config-security/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.