How to connect to database without exposing my mysql info?

Hi, I want to use database in my website and I read the documents. I created a PHP script file named dbcon.php and put it in folder(ex. folder named db in htdocs). Since mysql password is my account password, I want to protect it by accidentaly exposures(by myself)! I want to only read dbcon.php file, so what changes do I need to both protect it and able to read it? (for instance what changes I need in file/folder permissions?) Thanks.

For most of the cases,it won’t be exposed since the php script is processed before displaying via an http connection.
The ftp connection is the type that give you full content but normally only you can access it.
However you may want to go to your cPanel and turn off php errors display.(By default this is turned off already)

5 Likes

Thanks Frank419. As you said, I did nothing special.
I only added “Options -Indexes” to .htaccess file and I tried to access to the folder db by writing “http://enginery.freecluster.eu/db” and it gives "Error 403 Forbidden ". Also tried to view the file(dbcon.php) itself inside the browser similarly, but it gives blank page. So I think(more correctly hope:D ) that no one can see its content anymore!

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.