I'm building a little framework for my self, The configuration of the framework is done in an ini file, How do you suggest to hide its contents? .htaccess wont be good (or atleast only htaccess) since if its turned off.... The file contains mysql password and important data. How should I make sure the file stays hidden from someone who might tries to access it? -- Use ROT26 for best security