First thing which platform should I choose? I think the easiest way to construct a webshop is to use a CMS system. Systems are well-tested and popular systems. And these systems are easy to use and easy to customize. I advise you to choose WordPress. Why? So I can use any CMS system easily, I'm a software developer, but my clients can't use the majority of the CMS systems. My experience is my clients can learn WordPress in a period and it can be used by them easily without my aid. And you'll see at the end of this article WordPress is very user friendly.
Files can easily get lost if you do not have good protection on your website. A few of those files may be stored on your computer and easily replaceable, but what about the rest of them? Where are you going to get them from again, if you lose the first time to them? Especially fix wordpress malware is very important. Long-term sites have created a number of documents and have a lot of data. Recreating that all would be a nightmare, and not something any business owner would like to do.
The one I recommend, and the more powerful approach, is to use one of the generation and storage plugins available for your browser. RoboForm is liked by people, but I believe after a free trial period, you have to pay for it. I use the free version of Lastpass, view and I recommend it for those who use Firefox or Internet Explorer. That will generate secure passwords for you; you then use one master password to log in.
Harness Scanner goes through the files on your site database, comment and post tables in search of anything suspicious. You are also notified by it for odd plugin names. It doesn't remove anything, it simply warns you.
Another step to take to make WordPress more secure is to always upgrade WordPress to the latest version. The reason behind this is that with each new update there come fixes for security holes that are older which makes it essential to upgrade.
There is. People always know they also could just drop by your login form and where they can login and try a different combination of passwords and user accounts outside. So as to prevent this from happening you need to install Login Lockdown. It is a plugin that lets users try to login with a wrong password three times. Following that the IP address will be banned from the server for a specific amount of time.