I am re-thinking our server's permission and group strategy. So I was trying to check what permissions were needed with the current setup for Apache to access the files.
I changed the permissions of index.php to 200 (only write for user). But Apache still could read this file! I then restarted Apache, which fixed this problem. Was Apache running as root, or was it necessary to reboot it for the permissions to take effect?
With apache, you start it as root, but then apache changes its user right after starting. The following in the apache config files set what user it will run as:
It has to start as root in general so it can bind to ports < 1024. So run
ps aux
as wonble said to see how it was started, and adjust these directives if you want to change which user it is running as.
On many Linux distributions, apache is running as www-data by default.
But it is hard to tell without knowing your distribution.
The best way to tell the permissions of a process is with
ps aux
-- that lists the UID of the processes. Now that you've restarted the process, there's no real way of seeing what was going on, short of having something like BSD process accounting running.
I stand corrected. The actual reason for apache to have been able to read the file would indicate that it had been running as root. Another explanation would have been that the response had been cached in the browser.
I originally wrote: "I think the apache had a cached copy of the index.php in memory. That's why it seemed it could still read the file in spite of permission change."
Chmod 200 will allow the owner of the file to write, but not read the file.
What you want to do is the following:
Let user "joe" own the files. Let group "www-data" read it. This way - joe can log in and modify/upload files, while apache still can read them (chown joe:www-data folder or file).
Chmods should be set to something like 750 (or 740 if you don't want directory listing possible) for folders, and 640 (or 750 if it's a CGI) on files.
I'm advising you to learn how chmod/chown interacts, and how the different permissions apply. Please read the following helpful article at Wikipedia: Chmod
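The mode-bit check this thread revolves around, as an added example that is not part of the original posts: it models which permission class the kernel applies to a process and evaluates the chmod 200 case and the joe:www-data layout. The numeric IDs (1000 for joe, 33 for www-data, 2000 for an unrelated user) are constructed sample values, and ACLs, capabilities and SELinux/AppArmor are not modelled.

```python
import stat

# Constructed sample IDs (assumptions): joe owns the files, Apache workers run as www-data.
JOE, WWW, OTHER = 1000, 33, 2000


def allowed(mode, owner, group, uid, gids, want):
    """Classic Unix mode-bit check; want is a subset of "rwx".

    Exactly one class applies (owner, else group, else other) with no
    fall-through. ACLs, capabilities and SELinux/AppArmor are not modelled.
    """
    if uid == 0:
        # root bypasses r/w checks and may search any directory;
        # executing a regular file still needs at least one x bit.
        if "x" in want and not stat.S_ISDIR(mode):
            return bool(mode & 0o111)
        return True
    shift = 6 if uid == owner else 3 if group in gids else 0
    need = sum({"r": 4, "w": 2, "x": 1}[c] for c in set(want))
    return (mode >> shift) & need == need


def can_serve(dir_mode, file_mode, owner, group, uid, gids):
    """Reading a file needs search (x) on its directory and read (r) on the file."""
    return (allowed(stat.S_IFDIR | dir_mode, owner, group, uid, gids, "x")
            and allowed(stat.S_IFREG | file_mode, owner, group, uid, gids, "r"))


def report():
    """Return (label, result) pairs for the cases raised in the thread."""
    f200 = stat.S_IFREG | 0o200
    return [
        ("chmod 200, process is root", allowed(f200, JOE, WWW, 0, {0}, "r")),
        ("chmod 200, process is the owner", allowed(f200, JOE, WWW, JOE, {JOE}, "r")),
        ("chmod 200, process is www-data", allowed(f200, JOE, WWW, WWW, {WWW}, "r")),
        ("joe:www-data 750/640, www-data", can_serve(0o750, 0o640, JOE, WWW, WWW, {WWW})),
        ("joe:www-data 750/640, other user", can_serve(0o750, 0o640, JOE, WWW, OTHER, {OTHER})),
        ("joe:www-data 740/640, www-data", can_serve(0o740, 0o640, JOE, WWW, WWW, {WWW})),
    ]


if __name__ == "__main__":
    for label, ok in report():
        print(f"{label:40} {'allowed' if ok else 'denied'}")
```

The last case is denied because the group class has read but not search (x) on the directory, so files inside it cannot be opened by a www-data worker.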