I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Backing up your site regularly also assists in procuring from secure your wordpress website hackers. You have to keep a copy of your files hide away in backup system you can be certain of your database. This makes you a protected files that serves you in times of down is the system. Hackers are less likely to steal from a secured back up system.
Don't depend on your internet host - Many men and women depend on their web host to"do all that technical stuff for me", not realizing that sometimes, they don't! Far better to have the responsibility lie instead of out of your control.
Keep your WordPress Setup to date - One of the simplest and most valuable tasks you can do yourself is to make sure your WordPress installation is upgraded. WordPress provides a notice on your dashboard to you, so there's really no reason.
Take note of your new password! I recommend from this source the paid or free version of the software *Roboform* to remember your passwords.
Those are three very simple things you can do to keep WordPress secure without plugins. Set a blank Index.html file in your folders, run your web host security scan and backup your entire account.