Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold." Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
Since scare tactics appear to be at least start considering the issue, or what drives some people to take how to fix hacked wordpress site a little more seriously, allow me to shoot a scare tactics your way.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, which hides the files out of public view.
Keeping home your WordPress site up-to-date is one of the simplest things you can do. For the last few versions, WordPress has included the ability to install automatic updates. Not only that, but sites are notified whenever a new upgrade becomes available.
In addition to adding a secret key to your wp-config.php document, also consider altering your user password to something that is strong and unique. A good idea is to avoid common phrases, use upper and lowercase letters, and include amounts, although wordPress will let you know the strength of your password. It's also a good idea to change your password frequently - say once every six months.
Just ensure you choose a plugin that's up to date with the version and release of WordPress, and that you can schedule, restore and replicate.