The article "Ensuring website safety" is provided by Sophos Plc and SophosLabs.
No matter what you do and how unremarkable your site is, it's still being attacked. Planning is an integral part of security system, because it reduces the damage from viruses, spyware and other malicious programs.
Imagine you are an attacker and use common sense to find obvious vulnerabilities. Some mistakes in the site infrastructure design are made so often (both by beginners and experienced professionals), that it makes sense to focus on them.