WordPress security is a topic of huge importance for every website owner. Google blacklists around 10,000+ websites every day for malware and around 50,000 for phishing every week.

If you are serious about your website, then you need to pay attention to the WordPress security best practices.

1 ) Must have some plugins ( WordPress security plugin ) -


* BulletProof Security

* WP Security 

* WP Anti Malware

* Wordfence Security


2 ) User SMTP for sending contact form / inquires ( never use php mail function ) 


3 ) Use google captcha to protect bots for spamming


4 ) Best practices -


  • Use strong passwords
  • Keep WordPress themes, plugins, and core up to date
  • Check your plugins and themes for the continued support
  • Protect your computer and home network
  • Install an SSL certificate on your site
  • Backup your site


Ref link and read -


https://kinsta.com/blog/wordpress-security/

https://www.wpbeginner.com/wordpress-security/

https://askwpgirl.com/preventing-wordpress-hacks/

https://blog.sucuri.net/2019/05/wordpress-hacks-5-ways-to-protect-wordpress-from-hacking.html

https://www.codeinwp.com/blog/secure-your-wordpress-website/