Honestly, as a website owner, the best you can do to secure your website is to do 3 things. You know me by now, I like to simplify things so you basically need to

  1. Make sure all your themes and plugins are updated
  2. Have a reliable security plugin
  3. Have Recaptcha
  4. Have some sort of bot blocker.
  5. Have SSL
  6. Use a decently strong password

Well if you are a big website and you can afford a security expert go ahead and do that. If you need some recommendations here’s the solution I use (mainly cuz they are free and I don’t wanna spend)

If you implemented what I said you are basically about 80% better than most websites out available online, especially for those who use WordPress. You can research more about the requirements, you won’t believe how many websites I’ve encountered as a WordPress Support Engineer that don’t implement these.