When creating websites that only contain static HTML there are not a whole lot of security issues to be concerned about. But, once you start creating websites with dynamic content security becomes more important. Content Management Systems are complex beasts. Often the core components are very secure out of the box, needing little extra configuration to lock things down. It is more than likely you will be installing third-party modules to use with your CMS. That is when you should be more cautious and read the guidelines provided by the CMS you use.
I've compiled a list of security-related resources for each of the platforms on ThemeBot. If you haven't done so already, it would be a good idea to read through these articles. Of course, the best thing you can do to harden your website is hire a professional security consultant. However, there is a lot that can be done yourself to make your site more secure. This is not intended to make anyone paranoid it is just to increase awareness...
Drupal 5.0 has been officially released and it is time to start contributing some themes :) This article was written to provide an essentialized walk-through focusing on the actual process involved when submitting themes to Drupal.org. This is by no means a detailed guide and I am not a CVS expert. After spending days combing through the Drupal Handbook to piece it all together, I decided this would be useful as a reference.
It is highly recommended that you read the detailed CVS instructions in the Drupal Handbook at some point. This guide is for Windows users and a CVS client is used, so you don't have to use command-line. There are decent instructions already available for Linux users.
The assumption is that a stable release will be submitted, meaning that the theme has been fine-tuned, the PHP code has been checked for security vulnerabilities, the XHMTL and CSS have been validated etc, and the theme is ready to share with the Drupal community. Let's get started...