Minimal Plugin Reliance
To begin with, every single plugin that you add to your WordPress installation produces a possible avenue for a hacker to take control of your site. While most plugins are perfectly safe, and written with relatively simple code, some plugins are intentionally malicious – or they haven’t been updated in a long time and are no longer secure. Most current WordPress attacks target websites with out-of-date plugins or plugins that have known security flaws – so keeping the total number of plugins on your website up to date.it will help to prevent produce number of “holes” in the overall inbuilt security of the WordPress Entire system.
Only download plugins from reliable sites that have already been recommend and good ratings by the WordPress community – and keep the plugins updated. If one of your plugins is no longer supported, and it is no longer receiving regular updates, it might be a good idea to deactivate and delete that plugin since it will only continue to get more and more out of date – and more and more likely to be compromised.