One thing you should know is that security is an illusion. Nothing is totally secure, there is always a way to break in if someone is determined to. This website is not secure neither, nor is facebook, nor Google. They're all prone to attack, and if the right person was determined, they could breach into their systems. The only thing you can do is to provide hurdles to make it harder for an attacker to gain access to your systems.
If you're talking in terms of web dev, then SQL injection is the first step if you're using an SQL related stuff. PDO is great, and using prepared SQL statments is a proven method for preventing SQL Injections. You can also take steps to prevent XSS attacks, and brute force attempts by making sure all users have a strict tight password. Also, make sure you hash user passwords, and use encryption when handling sensitive data.
Keep up to date on the latest firmware updates, such as using the newer versions of PHP, use newer libraries and stuff. Which are often better and in some cases more secure than previous ones.
If you want to test the security on your website, you could always hire a white hat hacker or a pay for a penetration test service for your website.
You could also use a service like CloudFlare which helps prevent some attacks, such as DDoS attacks which could render your website offline.
Honestly, it's like fighting crime, crime is inevitable, you just have to go great lengths to prevent it from happening. No method is full proof, but you can play your part, same for any type of security. You should continue programming, as long as you do your best and enjoy what you're doing then that's all that betters.
I'm not a security expert, but that's all I can suggest.