You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
I back my blogs frequently using a free plugin WP DB Backup up. I can restore my blog if anything happens. I use WP Security Scan plugin that is free to scan my site regularly and suspicious-looking requests to be blocked by WordPress Firewall to how to fix hacked wordpress.
An easy way to keep WordPress safe would be to use a few built-in tools. To begin with, don't allow people to list the files in your folders, run a web host security scan and automatically backup your entire web hosting account.
While it's an odd term, it represents a task that is essential : making a WordPress backup of your website to work on offline, or in case something should go click this link amiss. We are not only being obsessive-compulsive here: servers go down every day, despite their claims of 99.9% uptime, and if you've had this happen to you, you know the fear is it can cause.
In addition to adding a secret key to your wp-config.php file, also consider altering your user password into something that's strong and unique. WordPress will tell you the strength of your password, but include numbers, use upper and lowercase letters, and a great idea is to avoid common phrases. It's also a good idea to change your password frequently - say once every six months.
I prefer using a WordPress plugin to get the job done. Just make sure is able to do backups, has restore and can replicate. Be sure that it is often updated to keep pace with all new versions of WordPress. There is no use in not working, and backing up your data to a plugin that is out of date.