I don't think that config file (or even script code) obfuscation is a sensible way of hardening a system. If the database access credentials are really the weak point of a system (I don't think so), the database authentication itself should be replaced by something more sophisticated, such as public/private keys, host based authentication, etc.

> We, at Bunkerify, have developped, thanks to our experience in IT security, algorithms to hide your secrets without modifying the behaviour and the ease of use of all these CMS.

> Our algorithms do deep obfuscation of the sensible content of configuration files, that make it unreadable by a human. A pirate have to make a very long work of reverse engineering to understand what we done, and then, try to counter it.

> Bunkerify uses deep security algorithms

Who upvotes this garbage?