-
Notifications
You must be signed in to change notification settings - Fork 137
Secure config.php
Jon Crain edited this page Dec 5, 2018
·
2 revisions
This is deprecated as of version 3.x
If your web server goes haywire (or is misconfigured) your php files may get published as text files. As config.php may contain sensitive data like database passwords, it is advisable to protect it.
One way to protect your configuration is to create a config.php file outside the webroot and point to it. In the regular config.php file you should only put this line:
<?php require '/your/safe/path/config.php';Where /your/safe/path/ is a valid path on the filesystem where the real config.php lives.
- General Upgrade Procedures
- How to Upgrade Versions
- Troubleshooting Upgrades
- Migrating sqlite to MySQL