1.Modify the password.
No matter it is for business or not, the original password of the website is usually admin. So when you receive a website program the first thing taken is to modify the password. You should set a particular password which would better contain letter, number and symbol. In addition, it should have at least 15 chars. Otherwise; the website will be easily attacked.
2.Create a robots.txt.
Robots can effectively keep hackers from stealing information through a search engine.
3.Modify the background files.
Step1. Modify the name of validation documents.
Step2. Modify the conn.aspto avoid illegally downloading. (You can modify it after encrypting the date bank.)
Step3. Modify the name of the date bank ACESS as complex as possible.
4. Limit landing the backstage IP.
This is the best way and every virtual host has such function.
5.Discreet choice of site procedures.
Notice whether the program itself has loopholes in website. You should have the scale to judge whether it is good or bad.
6.Pay attention to the loopholes when upload.
As far as I know, upload vulnerability is often the most simplest and most serious, which can let a hacker easily control your website.
7.You can prohibit or limit the file types of files that are to upload.
8. Routine maintenance.
You should regularly backup the date once a day and change the name of the date base together with the password of administrator. With the help of WEB or FTP, you can check all the volume of catalogs and change the time and the file number.
Source by Ma Vivian