1. Use the safer permission setting of 710 instead of 755 for all directories.
2. Use the even safer permission of 700 for directories not directly accessed by Apache.
3. Use 750 only for directories where you want to use Apache's default directory listing.
4. Use the safer permission of 600 instead of 640 for ALL PHP scripts.
5. Use the safer permission of 700 instead of 755 for ALL CGI scripts.
6. Password-protect ALL scripts other than those you want the general public to access,
including the webstats provided by PowWeb.
7. Avoid using unsafe scripts: Matt's Formmail.pl, phpBB2, php-Nuke,
and many other PHP and CGI scripts. I guess 90% of cracking happens this way.
Remember that PHP is a vulnerable, buggy, and risky language,
and scripts written with it are often very vulnerable, buggy and risky.
Static content requires much less maintenance and is a lot safer,
and can be as cool as a stupid CMS/BLOG construction.
8. Regularly check the IP of the last access for OPS, FTP, and mail.
9. Check your raw log for suspicious access and cracking attempts.
10. Keep your PC safe. If your PC is compromised, bad people can obtain
access to your site and a great deal of personal information.
DO NOT trust BIG corporations, like MS, SONY, and so on.
These guys often create stupid products, but they can be clever in deceiving naive users.
Stay away from hyped, fancy, needless, or heavy features.
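
A read-only audit of the modes listed in items 1 to 5, as an added example that is not part of the original list. The `*.php`, `*.cgi` and `*.pl` name patterns and the FAIL/NOTE output format are assumptions; pass the path of your own web root.

```shell
#!/bin/sh
# Report anything under a web root whose mode differs from the policy in
# items 1-5. Nothing is changed; fix findings by hand with chmod.
# Uses only POSIX find tests (-perm MODE is an exact match).
# Assumption: file names contain no newlines (output is one path per line).

audit_perms() {
    root=$1

    # Items 1-3: a directory must be exactly 710, 700 or 750.
    find "$root" -type d ! -perm 710 ! -perm 700 ! -perm 750 |
        sed 's|^|FAIL dir (want 710, 700 or 750): |'

    # Item 4: PHP scripts must be exactly 600 (640 and 644 are reported).
    find "$root" -type f -name '*.php' ! -perm 600 |
        sed 's|^|FAIL php (want 600): |'

    # Item 5: CGI scripts must be exactly 700 (755 is reported).
    # Assumption: CGI scripts are the files named *.cgi or *.pl.
    find "$root" -type f \( -name '*.cgi' -o -name '*.pl' \) ! -perm 700 |
        sed 's|^|FAIL cgi (want 700): |'

    # Item 3: 750 is allowed, but only where directory listing is wanted,
    # so list those directories for a manual check.
    find "$root" -type d -perm 750 |
        sed 's|^|NOTE dir is 750, confirm listing is intended: |'
}

# Command-line use: sh audit_perms.sh /path/to/webroot
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

Each FAIL line names one path to fix with `chmod`; NOTE lines need no change if the directory listing is wanted.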