Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold." Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
There's a part of config-sample.php that's headed'Authentication Unique Keys.' You will find four explanations that appear within the block. There's a hyperlink how to fix hacked wordpress within that part of code.You change the keys you have with the pseudo-random keys supplied by the website, copy the contents that you return, and must enter that link into your browser. This makes it harder for attackers to quickly create a'logged-in' dessert for your website.
Don't make the mistake of believing that your web host will have your back as far as WordPress backups go. Not always. It has been my experience that the company may or might not be doing backups while they say that they do. Why take that check my site kind of chance?
Is to delete the default administrator account. This is critical because if you don't do it, a user name that they could try to crack is known by malicious user.
You can create a firewall that blocks hackers. From coming to your own files, the firewall prevents the hacker. You must have updated version of Apache. Upgrade your PHP as well. It is essential that your system is full of upgrades.
But realize that online security is something that you really need to start thinking about. Do not just be the type, consider steps to begin protecting yourself today. Do not let Joe the Hacker make your life miserable and turn everything in creating come crashing down in a matter of seconds that you've worked hard.