Here's how to set up a website with better security.
If you have more than one person editing a website, restrict user accounts and only parts of the website can be changed. Open file
system/config/user.ini and at the end of the line change the home page of the user. Users can only edit pages within their home page. This protects your website from being changed.
You can test user restrictions.
If you have more than one person editing a website, enable safe mode and only Markdown can be used for text formatting. Open file
system/config/config.ini and change
ParserSafeMode: 1. This protects your website from nuisance.
You can test safe mode.
Check if your web server supports HTTPS and if the Internet connection is encrypted. It's best if your website is only available via HTTPS. This protects the privacy of your users, but it's not supported by every web hosting provider.
You need a web server with TLS and valid certificate.