By default, the newest version of WordPress is pretty darn secure. Anything which may have been added to any fix wordpress malware scanner plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but now most of them are filled up.
Use strong passwords - Do what you can to use a strong password, alpha-numeric. Easy to remember passwords are easy to guess!
In case you ever want read here to migrate your website elsewhere, such as a new hosting company, you'd have the ability to pull this off without a hitch, and also without needing to disturb your old site until the new one was in place and ready to roll.
Install the WordPress Firewall Plugin. Prevent and this plugin investigates web requests with easy WordPress-specific heuristics to identify attacks that are obvious.
I prefer using a WordPress plugin to get the job done. Just make sure is this website in a position to do copies that are select, has restore performance, and can clone. Also be sure that it is frequently updated to keep pace with all versions of WordPress. There's absolutely not any use in backing up your data to a plugin that's out of date, and not working.