The Website Security Checklist
Putting a website on the internet means exposing that website to hacking attempts, port scans, traffic sniffers, and data miners. If you're lucky, you might get some legitimate traffic as well, but not if someone takes down or defaces your site first.
• Common oversights that compromise website security
• 13 practical steps for ensuring your website is resilient to the most frequently used attacks such as SQL injection and Denial of Service (DoS) attacks