Translations:Manual:Securing database passwords/2/en

Keeping these credentials in LocalSettings.php is risky, because under rare conditions PHP files can be served as plain text revealing these credentials to the world: