Preserve headers/logos underneath 125 pixels high. It takes up beneficial viewing space, primarily for laptop users, that is ideal left for the good stuff to appear"above the fold." Take a cue from the massive businesses, straightforward logos completed nicely say it all. This is our #1 pet peeve - screaming logos and headers!
Allow me to shoot a few scare tactics your way since scare tactics seem to be what compels some people to take fix wordpress malware attack a little more seriously, or at the very least start considering the problem.
I might find it somewhat harder to crack your password if you're one of the ones. But if you're one of those ones, I might just get you.
Exploit Scanner goes in search of anything suspicious through the files on your website place, comment and database tables. You are also notified by it for plugin names. It doesn't remove anything, it simply warns you for possible check threats.
You can extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. So I think you can use it and this plugin is a good option.
Those visit are three very simple things you can do to keep WordPress secure without plugins. Put a blank Index.html file in your folders, run your web host security scan and backup your whole account.