Aryeh Gregor wrote:
In that case, I think AdminSettings.php is certainly a good idea, so it could be readable only to root and not the web server.
only by /root/?
If an attacker has read access to your AdminSettings.php he might as well have write permissions. He just needs to change your php files and wait until you run a maintenance script to get mailed your /etc/shadow, or rm -rf / you.
Maintenance scripts shouldn't be run as root. OTOH that would be a good method if you used a specific account eg. 'WikiAdmin'. Still, you might get funny permissions when running scripts that deal with files.