Keeping software up to date is one of the biggest in my opinion - if things are outdated they're often more susceptible to newer things that hackers have come up with. Ensuring that your passwords are secure as well is important, and making sure they're not easy to guess. Including things like numbers and special characters is always something I do, to try and make the password stronger.

I agree with @amelia88 Your website software and all its addons or plugins have to be updated to the latest versions. The second thing is Keep your admin all passwords strong, do not use any easy words like names and numbers. The strong password has to be atleast 8-12 letters combining upper case, lower case, numbers and special characters.

Updating the software is all that i do to keep hackers away from my site. Passwords are not that hard for me because i am used to making my passwords long and meaningless. Combination of numbers and letters alternately.

Always update your antivirus software and use incognito or private browser.

Yea,I try to update my anti virus as soon as possible and I don't use any simple worded password,I think we should put every precaution in place and just hope that hackers don't have the loopholes to get into our sites because it seen most are IT experts.

The security is the most important issue for server and website. Many methods are available out there, personally, I would like to implement the following methods to improve server and website security.
1. Access server with SSH keys
With SSH, any authentication is completely encrypted including password authentication. Many SSH key algorithms are considered uncrackable by modern computing hardware simply, becuase an attacker have to run through too much possible matchs.
2. Install firewall for server
Firewall is the essential part of any server configuration. To install a firewall like iptables in your server is a good option. Set up iptables and easily block the suspicious IP addresses and Ports.
3. Using VPN
A VPN,virtual private network, is a technology that creates a safe and encrypted connection over a less secure network, such as the internet. Using a VPN is a way to map out a private network that only your servers can see. Communication will be fully private and secure. So it is one of the enhancing methods for server security.
4. Install SSL certificate
SSL certificate is a standard technology for establishing a secure connection between browsers and servers and protecting from the hacker attack. So it is really needed by all websites. Install SSL certificate issued by Lets encrypt which is free of charge.
5. Set up the strong passwod for you website
It is easy to understand, so I don't want to talk it more.

If you run WordPress website, please head on.
6. Install the security plugins
Install WPS hide login plugin to change your login URL, which makes the attackers difficult to find the login page. Install the security plugin like Wordfence which is WordPress firewall and security scanner.
7. Uninstall the infrequent-used plugin
8. Update WordPress in time.

I guess this is always an easy yet hard question. Because, no matter how you secure your site or account hacker/ spammers always find ways. It's like a battle field of good and bad. But, sad to say it's always the bad that wins .It's always a challenging task for programmers/developers to find ways for security.

Its really hard to secure our accounts from being hacked. Even Facebook has just recently faced this kind of problem. I heard 50 million Facebook accounts were hacked.

Keeping sites from hackers needs one having strong password in place that can't be easily guess and knowing the people adds as admins.myfriend site was hacked recently from a loophole created by one of he admin and recovery back the site wasn't easy.So site owners should always be careful.