When you open your server as share host server (e.g webhost server) you have to make your server more secure than single account on single server.
As we know, today many hosting company using suPHP for their webserver. It more secure than other module. But suPHP has a weakness.. in standard configuration it make open_basedir not work properly, so a user can read file from other users.
And this condition used by hacker to read user file at same server when they hosted.
How to protect your users on suPHP environment?
It easy 
you have to chmod or ask your user to chmod their config files. Because sometime user use user & password of their cPanel in config file, or they store mysql information in config file.
On default, system set permission of file to 0644 and folder to 0755. So to get more secure, set your config file to 0600 That mean it just can read or execute by the owner.
For mass chmod, use this script:
http://ahlul.web.id/2010/06/17/php-mass-chmod-config-files.html
Related posts:
