Add this code to the very bottom of baglan.php; it filters harmful keywords for XSS and SQL injection.


if (!function_exists('stripos')) {
    // Fallback for old PHP versions without stripos(): case-insensitive strpos()
    function stripos_clone($haystack, $needle, $offset = 0) {
        return strpos(strtoupper($haystack), strtoupper($needle), $offset);
    }
} else {
    function stripos_clone($haystack, $needle, $offset = 0) {
        return stripos($haystack, $needle, $offset);
    }
}

if (isset($_SERVER['QUERY_STRING'])) {
    $queryString = strtolower($_SERVER['QUERY_STRING']);
    // Compare against false explicitly: a match at position 0 returns 0, which is falsy
    if (stripos_clone($queryString, '%select%20') !== false
        || stripos_clone($queryString, '%20union%20') !== false
        || stripos_clone($queryString, 'union/*') !== false
        || stripos_clone($queryString, 'c2nyaxb0') !== false
        || stripos_clone($queryString, '+union+') !== false
        || stripos_clone($queryString, 'http://') !== false
        || stripos_clone($queryString, 'https://') !== false
        || (stripos_clone($queryString, 'cmd=') !== false && stripos_clone($queryString, '&cmd') === false)
        || (stripos_clone($queryString, 'exec') !== false && stripos_clone($queryString, 'execu') === false)
        || stripos_clone($queryString, 'union') !== false
        || stripos_clone($queryString, 'concat') !== false
        || stripos_clone($queryString, 'ftp://') !== false) {
        // Stop processing the request as soon as a blocked keyword is found
        die("<br>Güvenlik Ihlali. Ip Adresiniz Ve Diğer Bilgileriniz Kayit Altina Alindi. ");
    }
}
Also add this code to your .htaccess file:

RewriteCond %{QUERY_STRING} (\"|%22).*(\>|%3E|<|%3C).* [NC]
RewriteRule ^(.*)$ 404.shtml [NC]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC]
RewriteRule ^(.*)$ 404.shtml [NC]
RewriteCond %{QUERY_STRING} (\;|\'|\"|\%22).*(union|insert|where|select|update|drop|md5|or|and|if).* [NC]
RewriteRule ^(.*)$ 404.shtml [NC]
RewriteRule (,|;|<|>|'|`) 404.shtml [NC]
Unless a vulnerability has been deliberately left open on your server or in the script (because of warez), you won't get hacked. Also, don't forget to change the admin path.