Translations:Manual:Securing database passwords/27/en

This way if somebody is able to access and display LocalSettings.php, all they will see is some settings rather than the password, username, etc. to your MySQL database and the real file containing that information is off limits to the web server.