Typically, most sites are hacked because of poor passwords, older and exploitable software, or world-writeable permissions (777).
Make your password hard for other people to guess and hard for a brute force attack to succeed.
Passwords should be at least eight characters containing lower-case letter, upper-case letter, number and special character ($, -, !).
Checking monthly, or even bi-monthly for newer versions of the software installed on your site, you are making it much more difficult for a potential attacker to gain a foothold.
World-writeable permissions (chmod) are rarely needed in any situation. Instead, use 755 for executables, and 644 for all other files.
- Protection with .htaccess - The hacks below will help you to further protect your website/blog. Simply place the snippets in your hosting account's root .htaccess file.