Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold." Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
Finally, how to fix hacked wordpress will inform you that there is not any htaccess within the directory. You can place a.htaccess record into this directory if you would like, and you can use it to manage usage of this wp-admin directory by Ip Address address or address range. Details of how you can do this are plentiful around the internet.
Should your site's server go down, everything you've worked for will go with this. You will make no sales, get signups or no traffic to your website, until you have the website back up again and in short, you are this link out of business.
This is quite handy plugin, protecting you against brute-force attacks that are password-crack. It keeps track of the IP address of every failed login attempt. You can configure the plugin Full Article to disable login attempts for a selection of IP addresses when a certain number of attempts is reached.
You can extend the plugin features with premium plugins such as: Amazon S3 plugin, Members only plugin, DropShop etc.. So I think you can use it for free and this plugin is a good go choice.
I prefer using a WordPress plugin to get the job done. Make sure that the plugin you choose is in a position to do select backups, has restore and can clone. Be sure that it is often updated to keep pace. There is not any use in backing your data up to a plugin that is out of date, and not functioning.