On my website, any web page which needs to connect to MySQL has the following code at the top of the file…
// Connect to Database.
require_once(WEB_ROOT . 'private/mysqli_connect.php');
Where the constant WEB_ROOT is defined in config/config.inc.php like this…
// Website Environment
define('ENVIRONMENT', 'development');
//define('ENVIRONMENT', 'production');
// Web Root
define('WEB_ROOT', ENVIRONMENT === 'development'
? '/Users/user1/Documents/DEV/+htdocs/06_Debbie/'
: '/var/www/vhosts/MySite.com/httpdocs/');
This code works as-is, but the problem is that I do NOT want my Database Settings in the Web Root of my Production environment!!
So, here is what I need help with…
1.) According to GoDaddy, I should have “root” access on my VPS, and thus be able to create directories and files outside of the Web Root.
The syntax for my Production Web Root is like this…
/var/www/vhosts/MySite.com/httpdocs/
Where should I put my Database Settings for the greatest security??
Would this work…
/var/www/vhosts/MySite.com/PRIVATE/
2.) Unfortunately, NetBeans will not let me create a directory outside of the Web Root. (Don’t ask me why?!)
This creates a problem in that I cannot have similar directory structures between Dev and Prod.
And my goal is to either have code that works in both environments as-is, OR which can be adapted with minimal changes.
So how should I modify my code so I can easily switch between my “Development” and “Production” environments and still point to my Database Settings?
In Production, my Database Config file should be outside of the Web Root for extra security.
In Dev, I think it is okay to keep my “private” directory which is located inside the Web Root.
I can see a few ways to tackle things, but will wait to see what the gurus out there think!!
(BTW, my entire code-base is PROCEDURAL, so please keep any recommendations in that coding style.)
Sincerely,
Debbie