Preserve headers/logos underneath 125 pixels high. It takes up beneficial viewing space, primarily for laptop users, that is ideal left for the good stuff to appear"above the fold." Take a cue from the massive businesses, straightforward logos completed nicely say it all. This is our #1 pet peeve - screaming logos and headers!
Let me shoot a few scare tactics your way since scare tactics seem to be what compels some people to take fix wordpress malware removal a little more seriously, or at least start considering the issue.
Strong passwords - Do your best to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Is to delete the default administrator account. This is critical because he has a good point if you do not do it, malicious user already know a user name that they could try to crack.
You can extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think this plugin is a fantastic option and you can use it at no cost.
When your website is new, you do think about needing security but you do need to protect your investment and yourself. Having a site go down and not being able to restore it may mean a loss of consumers who can't find you and won't remember to look for check my source your site again later. Do not let that happen to you. Back your site up after you get it started, as the website is operational my website and schedule regular backups for as long. That way, you will have peace and WordPress security of mind.