How to Avoid Hacking an ASP.NET Website?

AFAIK attackers can overwrite files with CHMOD values ​​777 on Linux servers. Today my site that I created with ASP.NET got hacked. My Site.master page was added with a lot of backlinks, and there was a folder named Sayers that has a lot of html files (possibly including search keys).

I could easily delete the folder and restore the original Site.master file.

I have no problem with SQL injection. Even if I saw some additions or changes in the entries. There is nothing. There are only changed files and added folder.

I have updated my FTP password. I'm 100% sure I'm not using a third party extension. All code is done by hand (: So I want to know how to prevent this step from being repeated. It could also be a website vulnerability. I also want to know if this is a server side issue or my problem.

I am using the service of a hosting company. I am using FTP (21), not secure.