So the first thing you should do is to make sure you give the user database a unique name that can not easily be guessed.
For example: A6gr8JDaTa.csv
To make the user database completely in accessible you can create a .htaccess file in the folder on the server with the following content:
where usersdb.php is the name of the database and
Code: Select all
<Files "usersdb.php"> Order deny,allow Allow from ***.***.***.*** Deny from all </Files>
***.***.***.*** is your IP address.