We recommend disabling write permissions on your web site to keep it secure from hackers. However there will be times that you will need to update your web application, install plugins, themes, etc. In which case, we recommend temporary enabling write permissions.
From the Administration Control Panel
Mouse over Web & Applications and select Web Sites
Click on your domain name to access web site settings
Under Security Settings
Put a check in the Enable Write Permissions box
You can now make changes to your web site.
When you are done, uncheck the same box.
This will disable write permissions and will block hackers from putting files onto your site.