In addition to the text and graphics you're creating, you're going to need a protection and backup alternative for your new website. fix wordpress malware is important, and if you back up your site and don't protect you could lose important data and information that might be hard to restore. You don't need to need to start over from scratch after you have done all that work, so be sure you're secure.
An easy way would be to use a few tools that are built-in. First of all, do not allow this content people to list the files in your folders, run a web host security scan and automatically backup your entire web hosting account.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. If you make changes and additions read more to your site, definitely more. If you have a community of people which are in there all the time, or make changes multiple times every day, a daily backup should be a a knockout post minimum.
Now we're getting into things specific to WordPress. You have to rename it to config.php and modify the document config-sample.php, when you install WordPress. You will need to deploy the database facts there.
Using a plugin for WordPress security only makes sense. Backups need to be performed on a regular basis. Do not become a victim of not being proactive as a result!