If your server were to crash there is the possibility that your PHP code would be exposed, showing users the path to the file with your passwords and allowing anyone to view them.

Instead, place your password file outside of public_html.

public_html
secure

If you move the file to 'secure' folder you can still include it from public_html by:

require ('../secure/mypasswords.php');

Thank you for the reply!

What makes the other folder secure(er)?

Do I password protect it?
Set permissions differently?

I've got it working (thanks) just trying to understand more of the security concerns

In the example notsleepy gave, what makes the other folder secure is that it is outside your public_html directory -- i.e., let's assume you have a home directory, and inside your home directory is public_htm (where you put your web site files). You put your "secure" folder in your home directory, but not inside public_html.

Anything in that directory is not accessible from a browser. Thus, it will be pretty secure from anyone accessing the server via a browser.

But keep in mind that depending on how the server's file system security is set up, other users on the server may be able to access those files through the file system. Ideally, they shouldn't be able to, but on some servers it's possible. But it would be inaccessible from a browser.

In addition to the previous posts ...

Your web server runs as user "nobody" or "apache" (if you're using Apache).

If a malicious intruder guesses the password for user "nobody" or "apache", they have read/write access to any file that "nobody" or "apache" has access to. Which means ...

They can now read/modify any file accessible by your web server's "user", including any files stored in directories accessible by "nobody" or "apache".

By storing the sensitive files in an alternate directory, preferably outside of the "normal" web server directories, you have the opprtunity to restrict access to sensitive files, or to at least establish a different authorization mechanism for those files, which reduces the chance that they will be compromised.

You can usually set up any authentication mechanism (i.e. mysql login) in a less-susceptible directory, and use the various PHP authentication mechanisms to get into those sensitive directories by using a different username/password combination from the default web server username/password combinations ... reducing the chance of compromise.

Check out the various encryption methods available to you in PHP, realizing that many of them have been compromised on a global basis, for specific instances at a very profound level. For example, SSH0, SSH1, MD5 and others have been found to be able to be compromised by very sophisticated, very specific ways ... probably not for you to worry about in day-to-day implementations, but worth researching.

if your on a shared host it may be possible for the other users to fish for the file. Esp. if your not running phpsuexec or something similiar.

Many thanks for all the replies!

Looks like it won't be as simple as I had hoped...but when is it?

(I guess setting up the credit card wasn't as hard as I'd expected)