Make sure your website is secure

When creating websites that only contain static HTML there are not a whole lot of security issues to be concerned about. But, once you start creating websites with dynamic content security becomes more important. Content Management Systems are complex beasts. Often the core components are very secure out of the box, needing little extra configuration to lock things down. It is more than likely you will be installing third-party modules to use with your CMS. That is when you should be more cautious and read the guidelines provided by the CMS you use.

I've compiled a list of security-related resources for each of the platforms on ThemeBot. If you haven't done so already, it would be a good idea to read through these articles. Of course, the best thing you can do to harden your website is hire a professional security consultant. However, there is a lot that can be done yourself to make your site more secure. This is not intended to make anyone paranoid it is just to increase awareness...

Drupal: Best practices guidelines | Security Announcements

Joomla: Joomla Administrator's Security Checklist | Security FAQ Table of Contents

phpBB: Security tracker

SMF: Security Report

WordPress: Hardening WordPress

 XOOPS: Upgrades, Security and Backups

If you have any links to add or would like to discuss this, please visit the forums.