Hi
Folx Pleae suggest me how secure our wordpress web site from hacker. if i host of blue host.

I suggest you to install iThemes Security WordPress plugin it gives you over 30+ ways to secure and protect your WordPress site. iThemes Security works to lock down WordPress, fix common holes, stop automated attacks and strengthen user credentials with advanced features.

iThemes Security Pro Features:

-Two-Factor Authentication - Use a mobile app such as Google Authenticator or Authy to generate a code or have a generated code emailed to you.
-WordPress Salts & Security Keys - The iThemes Security plugin makes updating your WordPress keys and salts easy.
-Malware Scan Scheduling - Have your site scanned for malware automatically each day. If an issue is found, an email is sent with the details.
-Password Security - Generate strong passwords right from your profile screen.
-Password Expiration - Set a maximum password age and force users to choose a new password. You can also force all users to choose a new password immediately (if needed).
-Google reCAPTCHA - Protect your site against spammers.
-User Action Logging - Track when users edit content, login or logout.
-Import/Export Settings - Saves time setting up multiple WordPress sites.
-Dashboard Widget - Manage important tasks such as user banning and system scans right from the WordPress dashboard.
-Online File Comparison - When a file change is detected it will scan the origin of the files to determine if the change was malicious or not. Currently works only in WordPress core but plugins and themes are coming.
-Temporary Privilege Escalation - give a contractor or someone else temporary admin or editor access to your site that will automatically reset itself.
-wp-cli Integration - Manage your site's security from the command line.

With your WordPress installation more secure due to improving user authentication and the quality of our code, it’s also important to ensure you have well supported, secure, hosting.

Here are Simple Tricks to Secure Your WordPress Website:-


Secure the login page and prevent brute force attacks
Set up website lockdown and ban users
Use 2-factor authentication
Rename your login URL
Use SSL to encrypt data
Add user accounts with care

We've written a guide with steps how to secure your wordpress web site. It will work with any web hosting provider. You can read it at https://www.scalahosting.com/blog/secure-wordpress-web-site/

A plugin such as wordfence is a must in every wordpress installation.

As you said, your site is hosted on Blue Host, I suggest you to install “Wordfence” security plugin. know more about related plugins here: https://goo.gl/aqAGM6

To keep your word-press website protected, Consider following security Tips:

1. Keep your word-press website updated with latest version, theme and plugins.
2. Keep Strong and Unique login password to avoid unauthorized access to your website. You can prefer Two-Factor Authentication (2FA), for that you can choose following plugins such as: “Google Authenticator”, “Duo Security” , “Clockwork SMS”.
3. Always prefer to download plugin from Wordpress.org
4. Install “Login LockDown” plugin to limits the number of login attempts.
5. You should back up your website data on external drive regularly.
6. Install SSL certificate on your site (https://www.cheapsslshop.com/blog/ssl-certificates-and-its-type) for encrypting communication between web server (your site) and web browser (user's browser). Even it gives you chance for higher rank in Google search engine.

For detailed knowledge, Visit this link: https://goo.gl/QPQtRx

With your WordPress installation more secure due to improving user authentication and the quality of our code, it’s also important to ensure you have well supported, secure, hosting.

12 Ways to Secure Your WordPress Site :-

1. Cut Back on Plugin Use.
2. Don’t Download Premium Plugins for Free.
3. Consider Automatic Core Updates.
4. Set Plugins and Themes to Update Automatically.
5. Eliminate the Plugin and Theme Editor.
6. Eliminate PHP Error Reporting.
7. Protect Your Most Pertinent Files Using .htaccess.
8. Hide Author Usernames.
9. Keep Track of Dashboard Activity.
10. Obscure the Login Page.
11. Pick the Best Hosting You Can Afford.
12. Keep Your Computer Up-to-Date, Too.

Secure Your WordPress Site
1. Cut Back on Plugin Use.
2. Don’t Download Premium Plugins for Free.
3. Consider Automatic Core Updates.
4. Set Plugins and Themes to Update Automatically.
5. Eliminate the Plugin and Theme Editor.

Very useful information sharing about secure WordPress website information..

Wordfence Security Plugin is best to secure the WordPress site.

Here are detailed tips for you - https://www.24x7servermanagement.com/wordpress-security/

You will get the all tips regarding how to secure your WordPress website.

1. Change the login URL with WPS Hide login.
2. Install WordPress security plugin or firewall like iptables.
3. Set a strong login password.
4. Insatll SSL certificate.
5. Uninstall the infrequently used themes and plugins.

There are various ways to secure our wordpress website are given below:
1. Use a Quality Host
2. Switch Your Site to HTTPS
3. Create Secure Login Credentials
4. Enable a Web Application Firewall
5. Implement Two-Factor Authentication.

Here are some suggestions for securing your WordPress website login page:
Set up a website lockdown feature and ban users. ...
Use 2-factor authentication. ...
Use your email to login. ...
Rename your login URL to secure your WordPress website. ...
Adjust your passwords. ...
Protect the wp-admin directory. ...
Use SSL to encrypt data.

Here are some suggestions for securing your WordPress website login page:
Set up a website lockdown feature and ban users. ...
Use 2-factor authentication. ...
Use your email to login. ...
Rename your login URL to secure your WordPress website. ...
Adjust your passwords. ...
Protect the wp-admin directory. ...
Use SSL to encrypt data.

WordPress Security Fundamentals

This is easy. Just make sure you follow these tips.

Keep WordPress Core, Themes and Plugins up to date.
Use only trusted and well supported themes and plugins.
Minimize Plugin use to only the essentials.
Use Security Plugins.
Use Two factor Authentication and Strong User Credentials.
Keep good backups of your website.
Never access your website over open and free networks or untrusted networks.

Wordfence does is to check if a website visitor’s behaviour matches that of an abusive bot. If the bot breaks certain rules, like asking for too many web pages in a short amount of time, Wordfence will then automatically block the bot. Wordfence is also programmed to allow legitimate bots like Google and Bing on the site.

You can secure your wordpress with just simple steps:

• Always upgrade your wordpress, plugin, themes to secure it.
• Use STRONG and COMPLEX password.
• Use Antivirus in your PC for security.
• Secure wordpress admin section from unwanted access.
• Limit login attempts.

If these steps are not enough for you then you can check this (https://hoststud.com/resources/how-to-make-your-wordpress-website-more-secure-through-some-simple-steps.93/).