Keeping a website secure can be difficult. There are many factors that can lead to a website being compromised. Below are some pointers that will help mitigate the risk as much as possible.
1) Keep software up to date : Using outdated website software is the single biggest reason for a website becoming compromised. New security issues with software are discovered on a daily basis, and the software your website is using is no exception. Whenever a security flaw is discovered, updates are released to remove the vulnerability. You will need to keep all software updated. This also applies to any plugins or themes your website is using.
2) Make use of the software applications security guidelines : Follow the security guide or checklist, as it contains best practises on how to secure and harden that particular application.