Protecting the php.ini file from being viewed

Problem:

The php.ini file can be viewed from a web browser.

Solution:

To prevent people to viewing your php.ini file via a browser a few lines need to be pasted into the .htaccess file.
  1. Login to the cPanel
  2. Click on File Manager (if prompted, select the checkbox to view hidden files)
  3. Double-click on the public_html folder to open it
  4. Right-click on the .htaccess file and then select the "Edit".
  5. Paste the following code into the bottom of the file and then click save:
<Files php.ini>
  Order allow,deny
  Deny from all
</Files>
Now your php.ini file is protected. This change prevents php hackers from finding exploits on your site.
  • 44 Users Found This Useful
Was this answer helpful?

Related Articles

Configuring the PHP Environment With php.ini

Problem: How do I change the PHP environment for my site with php.ini? Solution:   To...

PHP with FastCGI

Problem: What is FastCGI for PHP? Solution: FastCGI for PHP makes all your PHP applications...

Upload_Max_Filesize

Problem: How do I change my upload_max_filesize? Solution: Summary Locate the php.ini...

Cron Jobs with PHP Files

How do I run a php file using Cron jobs?   From the cPanel, click the Cron Jobs icon and enter...

Basic Site Security Checklist

Remove malicious files and/or files you are not familiar with. While many PHP applications...