as a maker, how do you make sure your products are secured? Do you do any security checks once in awhile?
I think common sense security is your best bet. I am doubtful anyone is going to be doing anything too sophisticated to my site, and honestly if they do, good job. All about understand the threats relative to your current state.
HTTPS, can't inject script or SQL, can't use endpoints w/o authentication, hashing passwords.
practice... and if you want a good place to start look at OWASP... and if you still not sure go to https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet
use a secure developer tools like frameworks: django and laravel had a lot of secure!