From f042b6ae38a2e7b17d0802d165040a5174c2c581 Mon Sep 17 00:00:00 2001 From: carnage Date: Fri, 13 Nov 2015 14:53:34 +0000 Subject: [PATCH] Added avoid committing sensitive info to source control --- _posts/10-05-01-Configuration-Files.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/_posts/10-05-01-Configuration-Files.md b/_posts/10-05-01-Configuration-Files.md index e864bda..afb7c0b 100644 --- a/_posts/10-05-01-Configuration-Files.md +++ b/_posts/10-05-01-Configuration-Files.md @@ -13,4 +13,5 @@ via the file system. - If you must store your configuration files in the document root, name the files with a `.php` extension. This ensures that, even if the script is accessed directly, it will not be output as plain text. - Information in configuration files should be protected accordingly, either through encryption or group/user file -system permissions \ No newline at end of file +system permissions. +- It is a good idea to ensure that you do not commit configuration files containing sensitive information eg passwords or API tokens to source control.