The most important thing you can do to keep your website safe is play a proactive role in the security of the site.
Set a strong password for all your logins: FTP, Admin backend, Database, Host (Plesk, cPanel, etc). It is recommended to have a 7-15 character password, using a number, character and upper case letter. Make sure that you are changing the password at least every 30-90 days as a preventative measure.
Never log in to an account from a link sent via email. This can be a form of a phishing attack.
It is best to limit the amount of users that have access to your hosting account, passwords and FTP. The more users you create, or share logins, the more at vulnerable you are to security risks and exploits.
It is critical to make sure that your website is always up to date with the latest software release. It is best to ensure that all plugins, modules, themes, and versions are always up to date. These updates will help prevent known vulnerabilities to the application of the site.
Set a regular time to run through proper maintenance of the site. Remove all old coding, unused user/FTP accounts, and unused files. Make sure to never leave a back-up of your website on your server, this is a huge target to hackers. Properly maintaining regular clean-up will ensure less vulnerability to security risks and exploits.
The SiteLock Team