What are best practices for organizing and securing PHP files on a server?

Organizing and securing PHP files on a server involves creating a clear directory structure, restricting access to sensitive files, and implementing security measures such as input validation and sanitization. One best practice is to store configuration files containing sensitive information outside of the web root directory to prevent direct access.

// Example of storing configuration file outside of web root directory
require_once('/path/to/config.php');