You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
Installing the fix hacked wordpress Scan plugin alert you to anything that you might have missed, and will check most of this for you. It will also tell you that a user named"admin" exists. Of course, that is your user name. You find instructions if you wish and can follow a link. I personally believe that a strong password is security that is good, and since I followed those steps, there have been no attacks on the numerous blogs that I run.
I protect an access to important files on the site's server by putting an index.html file in the particular directory, which hides the files from public view.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. If you make changes and additions to your site, definitely. If you have a community of people which are in there all the time, or make changes multiple times every day, a daily backup should be a minimum.
Now we're getting into things. You have to rename it to config.php and alter the document config-sample.php, when you install WordPress. You company website will need to deploy the database facts there.
Oh . And incidentally, more tips here I talked about plugins. Make sure it's a safe one, when you get a new plugin. Don't install any plugin just because the owner is saying on his site that plugin will allow you to do this or that. Maybe use maybe, or a test blog to look official statement at the plugin get a software engineer to analyze it. This way isn't a threat for you or your organization.