Here is what you can to. Make a directory in your account that is not world readable. Typically in your root dir under the public_html dir. Just have your script read in the information from that dir.
You cannot change the permissions on the file because your webserver user that the index.php is executed as would not beable to read in the file.
You could use .htaccess on the subfolder. it would bring up a username and password dialog if the user directly access the file.