as a maker, how do you make sure your products are secured? Do you do any security checks once in awhile?

I think common sense security is your best bet. I am doubtful anyone is going to be doing anything too sophisticated to my site, and honestly if they do, good job. All about understand the threats relative to your current state.

HTTPS, can't inject script or SQL, can't use endpoints w/o authentication, hashing passwords.

use a secure developer tools like frameworks: django and laravel had a lot of secure!