It's not an absolute answer to what you want, but as you said it's new as WP I'll give you some security tips.
First mask the default login page of wordpress do not leave it this way:
https://www.seusite.com/wp-admin
Plugin to change default URL: link here is a Guide that talk about this plugin link
Second, remove or rename the Generator meta tag, so do not:
<meta name="generator" content="WordPress.com" />
Plug in to remove Generator link
If you want to get hold of this article, it may help you: link
- Remove the installation files from the directory!
Then do not allow the user to send htmls, scripts, or anything else through the text fields of your site. Here you can read how to prevent Spans in comments:
link
It sounds kind of silly, but use Recaptcha: link
Some Templates come defalt with some user registration plug-ins and some default user that was created to publish some standard template content. Disable any plug-ins you will not use. Also disable this default theme user.
Check the file types that can be "uploaded" by site users in forms.
ROBOTS.TXT here's a tip. I believe that it is not of interest to let search engines from China, Russia and others besides the most used by Brazilians find your site. So set up Robots.txt and especially do not index WordPress folders See this example:
User-agent: *
Disallow: /administrator/
Disallow: /administrator
Disallow: /components/
Disallow: /installation/
Disallow: /libraries/
Disallow: /logs/
Disallow: /modules/
Disallow: /plugins/
Disallow: /templates/
User-agent: Googlebot
Disallow:
User-agent: googlebot-image
Disallow:
User-agent: googlebot-mobile
Disallow:
User-agent: MSNBot
Disallow:
User-agent: Slurp
Disallow: /
User-agent: Teoma
Disallow: /
User-agent: Gigabot
Disallow: /
User-agent: Scrubby
Disallow: /
User-agent: Robozilla
Disallow: /
User-agent: Nutch
Disallow: /
User-agent: baiduspider
Disallow: /
User-agent: naverbot
Disallow: /
User-agent: yeti
Disallow: /
Disallow: /cgi-bin/
Sitemap: http://www.seusite.com.br/site
If possible use the newer version of PHP !
Two articles in Portuguese with other tips.
link
link