Just some quick tips to get you started:
- run with 'noirc=1' so that your node IP isn't discoverable via IRC
- run with several 'connect=' so your node only connects to other specific nodes that you trust
- do not expose the JSON API to the internet at large, confine it to localhost or specific IPs only.
- if you plan to hold a significant amount of bitcoins, then estimate how many you'll need for your daily float, and save the rest in an offline wallet (also generated on an offline computer - don't leave traces of your keys on any internet-connected disk)
- do not accept 0-confirmation transactions, other than for really trivial amounts where speed of delivery is of the essence.
- do use new bitcoin addresses for every new customer and order. Address reuse makes it easier to track your customers.
There are probably more items that could be added to the list; this is certainly not to be treated as comprehensive.
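As an added illustration of the last two tips (not code from the answer above), here is a small Python payment check run over a constructed sample in the shape of bitcoind's `listtransactions` output: a payment counts only once it has enough confirmations, except for trivial amounts where 0-conf is tolerated, and each order is expected to have its own fresh address. The confirmation count, trivial limit, addresses and txids are all assumed placeholder values.

```python
from decimal import Decimal
from collections import Counter

MIN_CONF = 6                     # confirmations before a payment is treated as final (assumed)
TRIVIAL_LIMIT = Decimal("0.01")  # 0-conf tolerated only up to this amount (assumed)

# Constructed sample shaped like bitcoind `listtransactions` output (only the
# fields used here); addresses and txids are placeholders, not real data.
SAMPLE_TXS = [
    {"address": "addr-A", "category": "receive", "amount": Decimal("0.50"),  "confirmations": 0, "txid": "tx-a"},
    {"address": "addr-B", "category": "receive", "amount": Decimal("0.001"), "confirmations": 0, "txid": "tx-b"},
    {"address": "addr-C", "category": "receive", "amount": Decimal("2.00"),  "confirmations": 6, "txid": "tx-c"},
    {"address": "addr-C", "category": "receive", "amount": Decimal("0.25"),  "confirmations": 1, "txid": "tx-d"},
    {"address": "addr-D", "category": "send",    "amount": Decimal("-1.00"), "confirmations": 3, "txid": "tx-e"},
]

# One fresh address per order, as recommended (constructed sample).
ORDERS = {
    "order-1": {"address": "addr-A", "due": Decimal("0.50")},
    "order-2": {"address": "addr-B", "due": Decimal("0.001")},
    "order-3": {"address": "addr-C", "due": Decimal("2.25")},
}

def received(txs, address, min_conf=None, trivial_limit=Decimal("0")):
    """Sum 'receive' entries for `address`. If min_conf is given, count only
    entries confirmed >= min_conf, or unconfirmed ones no larger than
    trivial_limit (the 0-confirmation exception for trivial amounts)."""
    total = Decimal(0)
    for tx in txs:
        if tx["category"] != "receive" or tx["address"] != address:
            continue
        if min_conf is None or tx["confirmations"] >= min_conf or tx["amount"] <= trivial_limit:
            total += tx["amount"]
    return total

def order_status(order, txs, min_conf=MIN_CONF, trivial_limit=TRIVIAL_LIMIT):
    """'paid' once policy-approved funds cover the amount due; 'pending' if
    enough has been seen but is not yet confirmed; otherwise 'unpaid'."""
    if received(txs, order["address"], min_conf, trivial_limit) >= order["due"]:
        return "paid"
    if received(txs, order["address"]) >= order["due"]:
        return "pending"
    return "unpaid"

def reused_addresses(orders):
    """Addresses handed out to more than one order (should be empty)."""
    counts = Counter(o["address"] for o in orders.values())
    return sorted(a for a, n in counts.items() if n > 1)

if __name__ == "__main__":
    for name, order in ORDERS.items():
        print(name, order_status(order, SAMPLE_TXS))
    print("reused:", reused_addresses(ORDERS))
```

Note that tx-d (0.25 with one confirmation) is not credited to order-3 until it reaches the threshold, so the order shows as pending rather than paid.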
I think the question should be closed, it's too broad for one Q&A, and you should try to separate it into several more specific questions. – Serith – 2011-10-04T16:16:22.910
I wish someone can come up with a link to a structured tutorial... – Mascarpone – 2011-10-04T16:42:11.933
indeed, if there is not a walkthrough for this in existence, there should be. :) – nanotube – 2011-10-04T18:01:22.720