I am developing a web application using a laptop server wamp. when I inspect my page using DevTools on chrome, i can still see the name of the php files (with their extensions). is disclosing the php files name of my application risky? if yes how can I hide them?
thanks.
Exposing filenames do not imply any major risks, but can have more subtle risks though.
For instance, your website cannot be hacked just by knowing filenames, but "config.php" is surely catchy once a webshell has been uploaded. You should be fine otherwise.
If you're still paranoid, as arkascha pointed in the comments URL Rewriting can come in handy.