WebsiteCM has a great article on securing X-Cart. The article offers some insight on how the author makes sure X-Cart is secure but the concepts introduced are applicable to any web application, even Drupal.
Links
Does your webpage suck?
2
Nov
2007
If you are not sure if a particular web page sucks, there is a handy flow chart to help you out!
