Most important is the permission of files .Always check the permission of newly uploaded files.
Remove unnecessary old files.
Protect the source code.
Password protection for scripts and databases which are not meant for public.Make sure the passwords are alphanumeric combination.
Update the control panel and other software's regularly.