Safest bath to store .htpasswd for phpmyadmin?

December 12, 2013 2.6k views
Hello, hope everyone's OK.. So I followed this article: And when i got to set up the htpasswd part, didn't know where to store it, or what are the best practices applied. So, I tried a path kept getting internal server errors, till i stored it in var/www and it worked. For some reason i don't feel like it should be kept there(i am new to this). Any help is appreciated, thanks... Running: Ubuntu.
2 Answers
You shouldn't store it in /var/www because anyone will be able to download it since apache is serving /var/www's contents. You can create a directory in /etc/apache2 called htpasswd or whatever you like and store it in it e.g. /etc/apache2/htpasswd/phpmyadmin.
"For some reason i don't feel like it should be kept there..."

The article also recommends that you should not store it there.
... place the file in a directory of your choice as long as it is not accessible from a browser.
Have another answer? Share your knowledge.