There are 5 core areas of your new WordPress website that need addressing as soon as your site is live (or preferably before).
SECURITY, BACKUP, HTTPS, CDN, ANALYTICS, SEO.
Security should be a priority for any WP website.
The first security action is to ALWAYS keep core WordPress, themes and plugins up-to-date. (And remember to do a backup before updating just in case the update breaks something)
The 2 security plugins I use are:
iThemes Security Pro There is a free version of this but I recommend investing in the Pro version, if not only for the Two-Factor Authentication and Malware Scan Scheduling available in the pro version.
Wordfence This works slightly differently from iThemes Security, in that it, as the name suggests, puts a fence around your website – it is worth using both plugins.
BackupBuddy There are many backup plugins available for WordPress as well as religious arguments about which is best. This is my favourite and the one I use on all my websites. It does cost but I think it is worth it. See the benefits here
VaultPress is a great alternative especially if you are using Jetpack – the paid version of Jetpack includes Vaultpress.
Cloudflare CDN stands for Content Distribution Network – CDN’s can speed up load times, but also they can thwart some spamming and hacking attacks. Another benefit is that they lessen the load on your website’s servers. I use Cloudflare because it is free and very easy to setup.
Let’s Encrypt https is essential for every modern professional website – this article has an excellent overview. It’s also important for SEO I use Let’s Encrypt, again, because it is free and easy to use and setup.
Google Analytics for WordPress by MonsterInsights is probably the best plugin for google analytics (you do need to open a google analytics account first, but important as it shows you exactly how people use your website.
Yoast SEO – the leader in SEO wordpress plugins.