PHP file security on webserver

Question

I\'m slowly learning PHP, MySQL, along with some HTML, using localhost as my webserver. However, I\'m starting to wonder how my .php files are going to be secured if I put this

Answer 1

No. the php is parsed if the page is requested over HTTP. The person would have to know a vulnerability in your app, Apache or PHP or have some other access such as FTP.

You can move the files out of your wwwroot and reference them elsewhere. Also, never name your include files as .inc. always name them `.php.