The most obvious suggestion that comes to mind is to put the SQLite3 database in a location that isn't accessible to a web browser. If your public-facing files are in a location like public_html which is a sub-directory of your user directory, put the database flle in a location outside of that, but still accessible by yourself and the web server userid.