The most important thing to do is keep your passwords a secret. If you must give a password to someone, don’t share it with too many people, and be sure to change it when they are done using the access. Don’t write down your passwords or save them in a plain text file. I highly recommend you periodically change your passwords. You can find more by searching “How can I make a stronger password?”
Along the same idea, you need to make sure your personal computer does not have viruses, trojans, keyloggers, etc.
Keep your scripts and downloaded programs updated. Always upgrade to the latest version of your blog, forum, shopping cart, etc.
Do not have writable file permissions. The correct permissions are normally 755 or 644, and you can check these in your File Manager. Most users know to avoid 777 permissions, but you really want to avoid any permission settings which allow Group and World writing. (That’s anything ending in 7, 6, 3, or 2. The first number can be one of these, but not either of the last two numbers.)
Never leave scripts on your account that are not being used. These tend to be forgotten and since they are no longer maintained they are often out of date and can pose a very serious security threat on your account. If you no longer need the script it is best to download your backups and remove it from the server.