Greetings. I am curious about having the php config file in the web root. I am coding a site for a client and their web host has their php.ini file in the web root. Is that not a security risk? I have never heard of having it there before. I am not a veteran web programmer, but I have been around long enough to know what should be kept secret.
Anyone have thoughts on this? Thanks.
Danilo