Translations:Manual:Security/70/en

Consider moving the database password or other potentially sensitive data from  to another file located outside of the web document root, and including that file from $ls (through $include). This can help to ensure that your database password will not be compromised if a web server configuration error disables PHP execution and reveals the file's source text.