I developed a php application, and I have a config.php , which store the constant use among the application, in this file, it included all the important information, such as the Mysql server address, port number, user name and passwords. I am worry about someone can get the file, and do something that I don't want, how can I protect this file? Thank you.
$password
rather than DB_PASSWORD
you might do something with the $password
variable in the global scope, forgetting that it's in use - unlikely, but a small possibility). Normally it is just stored in a php file, you can make if belong to the www-data user or what ever your web server is using. If someone does have access to your server they won't be able to open it
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.