One of the first things you do when you set up a WordPress site is work on the colours, font, layout, and look. Then it's time to add text and data. But what about WordPress security? Don't let the fun of setting up a site that is new distract you from the goal of protecting the information you're putting online.
Let me shoot a few scare tactics your way since scare tactics seem to be what compels some people to take clean hacked wordpress site a little more seriously, or at least start considering the issue.
No software system is immune to bugs and vulnerabilities. Security holes will be discovered click this and guys will do their best to exploit them. Keeping your software up-to-date is a good way to stave off attacks, once security holes are found because their products will be fixed by software sellers that are reliable.
Move your wp-config.php file one directory up from the WordPress root. WordPress will search for it there if it can't be found in the main directory. Also, nobody click for more info else will have the ability to read the document unless they have FTP or SSH access to your server.
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts that all include logins and passwords you need to remember.
Of course you can install more plugins to make your store more user friendly like share buttons or automatic backup plugin. That's all. Your store is up and running!