Preserve headers/logos underneath 125 pixels high. It takes up beneficial viewing space, primarily for laptop users, that is ideal left for the good stuff to appear"above the fold" Take a cue from the massive businesses, straightforward logos completed nicely say it all. This is our #1 pet peeve - screaming logos and headers!
Install the fix wordpress malware fix Firewall Plugin. Stop and this plugin investigates requests with simple heuristics to recognize attacks that are obvious.
Don't make the mistake of believing that your web host will have your back so far as WordPress copies go. Not always. It's been my experience that the company may or might not be doing backups, while they say that they do. Why take that kind of chance?
Move your wp-config.php file up one directory from the WordPress root. WordPress will look for it there if it can't be found in the main directory. Additionally, Check Out Your URL nobody will have the ability to read the document unless they've FTP or SSH access.
Note that you should only try this step for new installations. You will also need to change all of the table names inside the database, if you might like to do it for existing installations.
These are click reference a few of the things I do to secure my blogs. Great thing is they don't require much time to perform. These are also options, which can be done easily.