You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
If you do not have good protection on your website, Documents can easily get lost. Some of those files might be stored in your computer and easily replaceable, but what about the rest of them? If you lose the first time to them where are you going to get them out of again? Especially fix malware problem is vital. Often sites have a lot of data and have made a high number of files. Recreating that all would be a nightmare, and not something any business owner wants to do.
Also, don't make the mistake of thinking that your hosting company will have your back as far as WordPress backups go. Not always. It's been my experience that the hosting company may or might click reference not be doing backups, while they say that they do. Take that kind of chance?
This is quite useful plugin, protecting you against brute-force strikes that are password-crack. It keeps track of the IP address of every login attempt. You can configure the plugin to disable login attempts for a range of IP addresses when a certain number of failed attempts is reached.
Another step to take to make WordPress more secure is to always upgrade WordPress to the latest version. The reason for this is that with every new upgrade there also come fixes for security holes that are older which makes it essential to upgrade early.
Implementing all the above will probably take less than an hour to finish, while creating your WordPress website much more resistant to intrusions. Websites were this past year, largely due to preventable security gaps. Have yourself prepared and you are likely to be on the safe side.