Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
I back up my blogs frequently using a free plugin WP DB Backup. I can restore my website to the 13, if anything happens. I use WP Security Scan free plugin to scan my blog and asks that are suspicious-looking to be blocked by WordPress Firewall to fix wordpress malware scanner.
Safeguard your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them off, and even offline. Roboform is for protecting them very good . Food for thought!
Exclude pages - This plugin adds a checkbox,"include this page in menus", which can be checked by default. If you uncheck it, the page won't appear in any listings of pages (which includes, and is usually restricted to, your page navigation menus).
Can you view that folder what if you visit WP-Content/plugins? If so, upload this blank Index.html file into that folder as well so people can't view what plugins you might have. Someone can use that to get access because if your existing version of WordPress is up to date, if you're using a plugin or an old plugin with a security hole.
These are only some. Great thing is that they don't require much time view it to do. These are also options, which can be carried out easily.