By now you s hould not be too surprised to hear that no matter how secure you make your site's communication between browsers and third-party servers, it is all a bit pointless if you don't secure your file system and database correctly. There is quite a lot to think about with regards to the security of both areas, and the only way you will really get to grips with it all is by ensuring you spend time practicing and learning about the different types of loopholes and backdoors that can affect your site.
In general, it is fair to say that the following lists the main points that you should be aware of when thinking about file system security:
Who can use the system
When and how much can these users use the system
What are users allowed to do
Monitoring the system
Responding to intrusions or attacks
Knowing the answers to the above points gives you a good platform from which you can implement better security. The best way to limit the number of people who can use your file...