Problem
The php.ini file can be viewed from a web browser.
Solution
To prevent people to viewing your php.ini file via a browser a few lines need to be pasted into the .htaccess file.
- Login to the cPanel
- Click on File Manager (if prompted, select the checkbox to view hidden files)
- Double-click on the public_html folder to open it
- Right-click on the .htaccess file and then select the "Edit".
- Paste the following code into the bottom of the file and then click save:
<Files php.ini>
Order allow,deny
Deny from all
</Files>Now your php.ini file is protected. This change prevents php hackers from finding exploits on your site.