delphi123 Posted December 11, 2007 Share Posted December 11, 2007 Hi there, Just a general security question, I have a file with all my database username/passwords etc that I refer to with scripts, can anyone tell me what they do to ensure it's secure? Does it matter if it's in the root of your server? What do you CHmod it to? .htaccess? etc Many thanks! Quote Link to comment Share on other sites More sharing options...
~n[EO]n~ Posted December 11, 2007 Share Posted December 11, 2007 Generally I have seen peoples keeping their config.php (with all db details and pwd) inside includes folder. You can name it anything you want, unless you tell others it is safe. You don't need to give write access to other folder unless it is required. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted December 11, 2007 Share Posted December 11, 2007 Files that end in .php are parsed as php code when they are browsed to. So, no one can see any php code or variable statements in them, unless you do something silly like - echo "my database password is: $password"; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.