Is it safe to store the database password in a PHP file?

My recommendation: Don't store passwords in source code.

Instead, store them in a configuration file (outside of the web root), and make sure the configuration file is not publicly accessible. The reason is that you normally don't want to keep your passwords checked into the source code repository or exposed to everyone who can view files in your web root.

There is an additional risk with storing passwords in a .php file within your webroot, which is a bit obscure but can be easily avoided by placing the file outside of your web root. Consider: if you are editing connection.php using a text editor, and your connection drops while you are editing it, your editor will automatically save a copy of the connection.php file in some backup file: e.g., connection.php~ (in the same directory). Now the backup file has a different extension, so if someone tries to fetch that file, the Apache server will happily serve up a copy of the file in plaintext, revealing your database password. See 1% of CMS-Powered Sites Expose Their Database Passwords for details.

See also How do open source projects handle secure artifacts?, Open Source and how it works for secure projects?


It's reasonably safe. To get the content of the php file, a hacker needs to compromise your server, or you need to mis-configure it.

Still I recommend configuring mysql so that the user used by the script isn't accessible remotely, and use a different user for administrative remote access.


The problem comes if you have a PHP script that possibly downloads the files on your server e.g download.php?=index.php.

If you check Google, you will see that this vulnerability exists within many other sites.