What are the potential risks of storing database credentials in a PHP file like config.php?

Storing database credentials in a PHP file like config.php can pose a security risk if the file is accessible to unauthorized users. To mitigate this risk, it is recommended to store the credentials outside of the web root directory and restrict access to the file using appropriate file permissions.

&lt;?php
// config.php
define(&#039;DB_HOST&#039;, &#039;localhost&#039;);
define(&#039;DB_USER&#039;, &#039;username&#039;);
define(&#039;DB_PASS&#039;, &#039;password&#039;);
define(&#039;DB_NAME&#039;, &#039;database_name&#039;);
?&gt;

Keywords

security risks sensitive data exposure SQL injection data breach configuration file vulnerability

What are the potential risks of storing database credentials in a PHP file like config.php?

Keywords

Related Questions