Move to a hardware platform that can support security features.
Let's assume for the discussion that this is not possible.
One of the ideas I had regarding this is the use of a SB70 LC (Serial to Ethernet adapter). This support SSL encryption and I believe it can be connected to an Arduino. But this costs another $59, so I am looking for a cheaper solution.
Another brain jump is that I only accept messages from the IP the server hosting the php file. That way not some malicious person could simply send info to the arduino, on the other hand Its possible to spoof an IP adres.