Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold" Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
Installing the fix wordpress malware cleanup Scan plugin will check all this for you, and alert you that you might have missed. Additionally, it will tell you that a user named"admin" exists. That is the user name. You can follow a link and find instructions for changing that name, if you wish. Personally, I think that a strong password is enough security that is good, and there have been no attacks on the numerous sites that I have a peek at this site run because I followed those steps.
No software system is resistant to vulnerabilities and bugs. Security holes will be discovered and bad guys will do their best to exploit them. Keeping your software up-to-date is a fantastic way to stave off attacks, once security holes are found, because their products will be fixed by reliable software vendors.
Exclude pages - This plugin provides a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page will not appear in any listings of pages (which includes, and is ordinarily restricted to, your page navigation menus).
If you're not currently running the latest version of WordPress, upgrade today. Like keeping your door unlocked when you leave for vacation leaving your site in an old version is.
Do your homework and some hunting, but if you are pressed for time and want to get this done once and for all, try the WordPress security plugin that I use. It's a relief to know that my website (and company!) are secure.