Hi folks,
I keep seeing security recommendations in here and there stating stroing database info in webroot is not a very good practice. Yet qa-config.php is right in the root of qa. Just wondering if that at all is a security risk to compromise the db password if accidently php files are seen as text.