Thanks for the info. Moving *.db out of the web path is super easy to do. I will also explore the encryption extension.