I am developing a PHP application that uses SQLite as database management system, MySQL and PostgreSQL etc. is not an alternative (although I would really like to use pgsql), because I want the setup to be very beginner-friendly and zero-headache alike. Now many people use a shared hosting, and alot of them only offer direct FTP access to the htdocs-directory, but not above that. That means the customers would have to put the SQLite-Database-File inside their htdocs, meaning that it is accessible to the world and anyone can download it.
What is the best way to give the customer some kind of protection from that, that is simple and also supported on all HTTP servers?