I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
I back my blogs using a free plugin WP DB Backup up. I can always restore my website to the 13, if anything happens. I use my blog to be scanned by WP Security Scan plugin regularly and requests that are suspicious-looking to be blocked by WordPress Firewall to how to fix hacked wordpress site.
After spending a few days and hitting several spots around town, I eventually find a cafe which offers free, unsecured Wi-Fi and to my pleasure, there are tons of folks sitting around daily connecting their laptops to the"free" Internet service. I use my handy dandy cracker tool that is Wi-Fi and sit down and log into people's computers. Bear in mind, they're all on a network that is shared.
Yes, you need to do regular backups of your website. I recommend at least a weekly database backup and Home Page a monthly "full" backup. More, if possible. Definitely if you make changes and regular additions to your site. If you have a community of people that are in there all the time, or make changes multiple times every day, a backup should be a minimum.
What's the best way? Out of all of the possible choices that are available today, which one is appropriate for you and which path should you choose?
These are three simple things you could try these out you can do to keep WordPress safe without plugins. Set a blank Index.html file in your folders, run your web host security weblink scan and backup your entire account.