As of today, WordPress is powering 48 of the blogs online. Aside from that, WP can also be powering 19% of the net as a whole. It means that WordPress is really trusted by a great deal of people whenever they want instant creation of websites and blogs.
Finally, installing the fix wordpress malware scanner Scan plugin will check most of this for you, and alert you to anything that you might have missed. It will also inform you that a user named"admin" exists. That is your administrative user name. If you wish you can follow a link and find instructions for changing that name. Personally, I believe that a password is security that is good, and there have been no successful attacks on the numerous blogs that I run, because I followed those steps.
No software system is immune to vulnerabilities and bugs. Security holes will be found and bad men will do their best to exploit them. Keeping your software up-to-date is a good way once security holes are found because their products will be fixed by software sellers.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. If you make additions and changes definitely. If you make changes multiple times every day, or have a community of people that are in there all the time, a daily backup should be a minimum.
You can extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. So I think you can use it and this plugin is a good choice.
However, I advise that you install the Login LockDown plugin as opposed to any.htaccess controls. Login requests will be ceased by that from being permitted from a for an hour or so after three failed login attempts. You can still access your admin cell while from your office, and yet you still have good protection discover this info here against hackers if you accomplish that.