There is a number of free scripts that you can available from internet for many kind of applications, this can be a php, perl/cgi scripts. For example you can have a form mailer script for the contact page in your site. If you check h**p://www.hotscripts.com you can download a number of free form mailer scripts. However, all of these scripts may not be secured and it can be easily exploited by a spammer. This can be categorized as unsecured scripts. In the same way, you'll need to check any custom scripts that is using in your account and make sure that it is secured and cannot be easily exploit by hackers.
Every file or folder in UNIX has access permissions. There are three types of permissions (what allowed to do with a file):
read access
write access
execute access
Permissions are defined for three types of users:
the owner of the file
the group that the owner belongs to
other users
Thus, UNIX file permissions are nine bits of information (3 types x 3 type of users), each of them may have just one of two values: allowed or denied.
Simply put, for each file it can be specified who can read or write from/to the file. -rwxr-xr-x File,
owner has read, write, execute permissions,
group: only read and execute permissions,
others: only read and execute permissions.
If you set a file/folder under full permission \, it should be -rwxrwxrwx - That means the owner, group and others have the full permission. So, do not set any file/folder under full permission in your hosting account
This is something same to unsecured scripts, but it refered to an application instead of a script like a blog application, a forum, shopping cart etc. This can be referred as third party application too. If you use any third party application, you'll need to subscribe to the developers mailing list for their updates/patches releasing on time to time and upgrade the installed software with the new updates/patches. These patches are normally releasing for fixing the security issues that is reported on older versions. All the third party applications that is not maintained in this way is called unsecured applications.