I am deploying a dynamic website onto the hosting platform iPage. I am using a db connection with PHP but I can't find a secure way to store the credentials.
iPage has forced me into the following critera:
- Entire website is public, I haven't been able to move the web root to exclude a private directory.
- I have no control over the server's httpd.conf file
They recommend storing the credentials in plain text in the PHP code itself. No joke
The only solution I can think of is setting up a publicly visible directory, setting up .htaccess on it and encrypting the contents of the file, but I'm hoping there is a less "sketchy" solution.