There is lots of security plugin out in the market for WordPress framework, for example, wordfence, wp-cerber and etc. nowadays every webmaster looking quality and security for his website and that's the reason WordPress is the best framework in the world, If you still confusing about WordPress security then you can use video or pdf manual which will guide to setup your security plugin and I am sure that is user friendly. More than 80% webmasters using WordPress framework, Its only because of quality and security plugins in the market.

Hello,

Thank you for the detail explanation.

Thank You the explanation was really helpful.

wordpress website is not safe for our business. Hackers easily to smash the website

You need to use proper security ( PAID ) Plugins to secure your wordpress website. On the top of that your server should also be secured and hardened enough to stop incoming attacks on the website. For example using Mod-security and cloudlinux on the server.

Wordpress will always be the platform most loved by all and just like anything that is online needs attention. I believe we can not state that wp is totally insecure knowing that the basic criteria for understanding security for any structure is always:

1) Refresh the core automatically as it launches
2) Generate frequent backups for recovery or rewind
3) Update plugins and mostly use addon with secure and supported fonts
4) Use the most voted and maximum update security plugins possible
5) Do not keep unnecessary addons and root files like: readme.txt
6) Use techniques to hide as much as you can: versions of the core, versions of your Apache server, and block entries like: folders and admin
7) htaccess functions with local limitations and locks of wordpress menus
8) Review complete log every day, and fetch suspicious entries via addon
9) Request hosting with security and the main attack tools.
10) Ask if your server has tools of levels like: Pyxsoft Anti Malware, Imunify360, MailScanner, ConfigServer Security & Firewall, Edge Protection for DDoS, Lets Encrypt SSL for your domain or hostname access, Hosting panel tool for cleaning and scans among others.
11) Connect in known secure networks and not save passwords in environments
12) Remove unnecessary themes from theme folders
13) Access report and backup plugins

Look carefully for every action that wordpress alerts and guaranteed backup is still not totally secure, so giving up wordpress seems to be unsafe ideas. the network is safe from wordpress what we should do is prove that there is a way to do the right thing.

A Data Center that hold DDoS on borders, A Hosting Provider with numerous protection tools uniting with your commitment to watch over and toughen your wordpress and daily attention makes you unique in non-attacks and has monitoring for it.

My plugin tips I use and I'm not abandoned.

1. Wordfence = Firewall protection for all
2. Disable-xml-rpc = Blocks xmlrpc injection
3. Exploit-scanner = Frequent Scan
4. Heartbeat-control = Assists in .ajax.php resources
5. Rename-wp-login = Change login link
6. Wp-security-questions = Create security question
7. wp-smushit = Compress image

.htaccess with basic protection rules helps such as:
1. Block default upload folder
2. Block editing of admin files
3. Block plugins installation
4. Block theme editing
5. Remove unnecessary menus wp

Also important is your local network not saving passwords in browsers automating access.
Local and online prevention measures in wp ensures your site is always secure, otherwise there would not be large business portals for years with wp since version 3.1 and this is ensured.

In wordpress there is a problem that anyone can hack own website. But wordpress has provide the solution . You can use wordfence to avoid the hacking and secure your website.