Great post, here's something I would add:
- On vBulletin, rename and move your config.php file
Code:
http://www.vbulletin.org/forum/showthread.php?t=198856
- While you should move your admin panel, also set up a fake one that is just a login screen, and get it to report any login attempts to you.
- If you're new to a vps then install CSF Firewall, it's not the best, but by far the easiest to use and learn. Also, follow the guides it has on it
- Don't delete the Install directory! Delete all the important files in it, except maybe a few useless text files, and an index.html so that they can't see the files. It get's the hackers hopes up
- If you're on a vps, don't use the root account, make a new account with root privileges named something more genuine
- Once again, for a vps, disable /cpanel and preferably move the cPanel port
- Disable any file extensions you don't use, this could help deter scripts, and you can do this through .htaccess
Hope this helps some people