Below are the important points that needs to be taken care to make your website fully secure.
1. Don’t use admin as a username
A majority of today’s attacks target your wp-admin / wp-login access points using a combination of admin . As admin is very common so it can be easily gueesed. Always try to use different username.
2) Use updated wordpress Always
Make your wordpress updated to the latest version. As the latest version always comes with updated security features.
3. Use a less common password
Make use of complex password that is difficult to guess. It makes your website very secure as the intruders cannot easily enter to your website.
4. Add Two-Factor Authentication
Use two factor authentication. Now a days all the latest websites are using this to make it secure. Gmail , paypal all are using the same two factor authentication to make the website secure.
5. Hide wp-config.php and .htaccess
Use the below code to make the wp-config.php and .htaccess hidden so that intruders cannot access these important files.
<Files wp-config.php> order allow,deny deny from all </Files>
6. Use WordPress security keys for authentication
7. Disable file editing
8. Limit login attempts
90002total visits,277visits today