How to secure a web page. How to secure password.
How to secure a web page? How to secure passwords? How to secure database password?
As you probably noticed, putting password in a config file in html directory is not a good idea?
Task: improve security of web page.
Solution: put all of your config files in another directory (but not placed in html). For example you may create directory ../my_configs, and put file my_database.conf.php in it.
How to include that file in php?
Solution is simple - you must do such a trick:
let’s assume your file is in /var/www/my_configs
your php files are in /var/www/html/ and other files are in /var/www/html/xyz/
to include my_database.conf.php just write a line: require(’/var/www/html/../my_configs/my_database.conf.php’);
Of course instead of /var/www/html you can define $web_path=/var/www/html/ and just write:
require($web_path . ‘../my_configs/my_database.conf.php’); [Note: dot merges two strings]
There’s no possibility (I assume the server is properly configured) to take files outside html directory from the internet, put php on the server can securely take it.