security check on my php configuration file

Question

i have following config.php.inc file in my root directory, i am wondering is it safe or not safe to put config file into root of website and does my configuration file is secure or not.

if its not secure how can i make it more secure?

<?php 

    global $configVars;

    $configVars['online'] = false;  

    if(($_SERVER['SERVER_NAME'])!='localhost' and ($_SERVER['SERVER_NAME'])!='abc')
    {
$configVars['dbhost']       = "localhost";          // Database host address //
$configVars['dbuser']       = "dbuser";   // Database user name     //  
$configVars['dbpassword']   = "bq;^4";        // Database password     //
$configVars['dbname']       = "dbname";  // Database name         //
$configVars['dbport']       = 3306;             // Database port         //

    define('SERVER_NAME', 'http://sitesurl/');
    define("SITE_ABSOLUTE_PATH", SERVER_NAME."");


} else {

    $configVars['dbhost']       = "localhost";          // Database host address //
    $configVars['dbuser']       = "root";              // Database user name    //  
    $configVars['dbpassword']   = "";                 // Database password     //
    $configVars['dbname']       = "localdb";     // Database name         //
    $configVars['dbport']       = 3306;             // Database port         //


    ////////// Define Variables
    define('SERVER_NAME', 'http://localhost');
    define("SITE_ABSOLUTE_PATH", SERVER_NAME."/site/");
    }
?>

Answer 1

There is no need to make security check in config file. content in this file is not accessible from end user or hackers.

the problem come to stage when some body hacking your script and download config file or get it's content with any other way.

thanks