The php.ini file can be viewed from a web browser.


To prevent people to viewing your php.ini file via a browser a few lines need to be pasted into the .htaccess file.

  • Login to the cPanel
  • Click on File Manager (if prompted, select the checkbox to view hidden files)
  • Double-click on the public_html folder to open it
  • Right-click on the .htaccess file and then select the "Edit".
  • Paste the following code into the bottom of the file and then click save:
 <Files php.ini>
    Order allow,deny
    Deny from all

Now your php.ini file is protected. This change prevents php hackers from finding exploits on your site.