|
Most people have their MySQL connection strings and other important data in a config/functions file in the main public_html directory. One badly set permission, or even a server glitch, can cause this file to become exposed leaving it vulnerable to direct attack via URL. The solution? Ensure the file cannot be accessed via URL by uploading sensitive data to the root directory (note: not all hosts allow this, Go Daddy being one of them). Take your typical MySQL connection string: View Source Code change it to: View Source Code (where host-username is your login username.) Create a file called connectiondata.php and upload it above the public_html directory with the following contents: View Source Code Replace your-username with your MySQL username (usually your hosting account name followed by an underscore and a name of your choice) and your-password with your connection password.
Assigned TagsLanguages: Php Technologies: Database Connection Categories: Web Development More Blog Posts By Enterprise-PHPBlog Posts By Coders Enterprise-PHP Is Following
Comments | ||||||||||||
