hiding config on web site

Asked Mar 27 '18 at 19:08

Active Mar 27 '18 at 19:08

Viewed 18 times

I'm creating a php script that will use another php script (login.php) file to store database login information. This file will sit within the public_html directory of the website to interact with the mysql database.

I'm wondering what the best approach to file security would be, so that someone can't access the login.php file containing the login credentials.

asked Mar 27 '18 at 19:08

datasci

And how would they do that? – RiggsFolly Mar 27 '18 at 19:10
@RiggsFolly couldn't they just access domain.com/login.php ? – datasci Mar 27 '18 at 19:12
If they accessed it through the web server, it will be executed by PHP and they would only get whatever it outputs. Which is probably nothing? (I assume it just defines some variables.) – Don't Panic Mar 27 '18 at 19:27
A: Place it outside the public area. – Funk Forty Niner Mar 27 '18 at 19:28

hiding config on web site

0 Answers0