Is error reporting on and display errors on in development and off in production? Do not suppress errors in your code. Implement a logging framework. Use a caching strategy. Keep in mind and use programming design patterns and best practices. Use tests in your code and try to automate running these tests every time a change occurs in the code base. Review or at least audit team members’ code. Practice defensive programming. Learn and use OOP principles correctly. Have a solid workflow and processes for developing and deploying code. Differentiate between read / write database queries. Use a solid database library which can connect to multiple databases. Test SQL queries for exploits. Learn and use indexes on database tables Use database transactions. Secure sensitive data in the database. Use different coding environments: development, staging, production. Implement a backup and monitoring strategy.