Here are some suggestions on how to secure your websites :
1. Please make sure your root folder (wwwroot or public_html) doesn't have the write permission applied
2. Please check your code and ask the developer to check whether it has a vulnerability
3. Upgrade your CMS regularly, for example, if you have DNN then upgrade to the newest stable version or apply new patch regularly
4. Change your FTP password regularly and use the combination of numbers and symbols