0

I have read a little bit about that, but I can't find answer that is telling me exactly what to do.

So here's what I have been doing to store my database password in php:

Lets say that my website is in the folder website. So we have

/website/mysite.php

My password is store outside this folder, in (for exemple)

/mypassword/mypassword.php and I get it with an include '../mypassword/....';

On this file, the permissions are at 600, so owner can read and edit the file.

Is it the proper way of doing it? or is there another way, more secure? (And easy to use too!) Sorry for my poor english, I'm not a native english speaker.

display-name-is-missing
  • 4,424
  • 5
  • 28
  • 41
SamuelYvon
  • 1
  • 1
  • I've been on this page, but I can't find an answer that tells exactly what to do; some say encrypt, others says on another server, and they don't talk about the files permission – SamuelYvon Feb 10 '14 at 23:52
  • 1
    outside web root, file permissions depends on server and set up and requirements –  Feb 10 '14 at 23:54
  • ok, I think I'll let the file permissions at 600, and by outside webroot, do you mean outside the folder of the site? Like I did? – SamuelYvon Feb 10 '14 at 23:59

0 Answers0