I'm afraid lack of security over my wordpress db login particulars like username,pass...will create a php file (say antique.php) where i'll access my db. For the reason that php file am calling the db hooking up particulars inside while using include function (for security). However where must i upload the file that has been known as within the antique.php file? From webroot upload? How to achieve that.....