I am finishing a website, which uses mysql and I would like to put it on the web.
However, in order to connect to the database I have to save the host, user and password in a file.
If this file is in my public_html anyone can download it and see the password.
Is it enough to save this file with password out of the public_html and set the permission just for the user?
Or do I need something more?