WordPress is a system that is safe but applications has their own flaws and security holes are located on WP. This is the reason why WP releases updates. Once any vulnerability was found by them, they provide a new update and instantly make some changes . If you want to know about the secure your wordpress site plugin, first you have to understand the different regions where these plug-ins work to assist you protect your investment .
Also, don't make the mistake of thinking that your hosting company will have your back as far as WordPress backups go. Not always. While they say they do, it has been find more info my experience that the hosting company may or might not be doing proper backups. Take that kind of chance?
This is very useful plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every login attempt. You can configure the plugin to disable login attempts when a certain number of attempts is reached.
Can you see that folder Imagine if you go to WP-Content/plugins? If so, upload that blank Index.html file into that folder as well so people can't view what plugins you have. Because if your existing version of WordPress is current, if you're using a plugin or an old plugin with a security hole, someone can use this to get access.
Do not use wp_ as a prefix for your databases. Web hosting providers are currently eliminating that default now but if yours doesn't, adjust wp_ to anything else but that.