Securing a wordpress site is a challenging task, however by the help of few things you can achieve it.
First attempt of hacking sites is either brute force attack or Sql Injections. We have to block all the channels where vulnerability occurs.
1. Change the wordpress login url: All the attackers that uses brute-force attack by accessing your login url which is accessed by either www.domainname.com/wp-admin or www.domianname.com/wp-login.php. You can use Custom login URL plugin https://wordpress.org/plugins/custom-login-url/ to improve security of your sites.
2. Use strong password: Use strong password that are at least 16 characters long. Click here to generate strong password http://passwordsgenerator.net/
3. Avoid common login username: You must avoid username that are easy to guess such as admin, Admin, Info, info, root, Root, support, Support
4. Securing Database: While installing wordpress use the different prefix than “wp”, which is default.
5. Configure Backup: You can either take manual backup once in month or configure free Updraftplus plugin to do the same job. You can store backup to the different location like Google Drive, Dropbox, FTP, SFTP etc… https://wordpress.org/plugins/updraftplus/
6. Protect Wp-Config files: It plays a crucial role in terms of the security, most of the users write bad code to allow access of site.
Write below code in config.php to make it secure.
7. Protect site from Malware: There are few security related free plugins available. i.e. Wordfence, Sucuri, Wp-Security.
Install these plugins and configure the settings as per
your need to set failed login attempt to 3 and block username such as admin, info..etc as state above.
Sign Up For the Bluehost Hosting Service Provider, Bluehost is also an Official Partner of WordPress.
8. Few more Tips:
* Add your site to google webmaster so when it find any suspicious behavior then it will alert you
* Do not forget to install anti-malware plugin
* Keep you WordPress version and All the plugins updated
* Keep a backup of your site and database at local drive