php.ini in public_html

Pyone

• September 24, 2016 02:23

Hello, I found "php.ini" file in the public_html folder of my site. I found out that this php.ini file can be easily downloaded by www.mydomain.com/php.ini. My site is hosted in shared hosting. And I didn't put that "php.ini" file in public_html. I'm afraid that it should affect the security of my site. What should I do about it? Thank you.

• 

  cPanelMichael

  • September 28, 2016 14:29

  Hello, PHP.ini files do not contain any identifying information about your website or data. It's the configuration file for PHP. Your hosting provider may have placed that file in your public_html directory to allow for custom PHP configuration settings. The following document helps to explain how this works: How to Edit Your php.ini File - cPanel Knowledge Base - cPanel Documentation Thanks!

  0
• 

  dncosts

  • September 28, 2016 19:18

  However, placing php.ini file under public_html/ directory seems a security risks.

  0
• 

  cPanelMichael

  • September 28, 2016 19:48

  This StackOverflow thread offers advice on denying access to this file through the .htaccess file: PHP php.ini file in the web public root directory ? is it safe enough Thank you.

  0

Please sign in to leave a comment.