How do you ensure my site is not getting hacked while you are working on it? – Growmodo

Here is our checklist for keeping your site safe:

Back up the website while it's in its best working state.

Change /wp-admin to another slug.

Check custom fonts are set to HTTPS as well in Elementor Custom Fonts.

Install Wordfence plus the add-on, Login Security

Limit login attempts to 3 (Brute force protection tab - Wordfence).

Generate and install reCaptcha V3 on all forms and input fields.

Install the Disable Comments plugin.

Turn off comments everywhere.

If comments are essential, mandate that all comments are to be accepted manually.

Disable XML-PRC.

Disable Avatars.

Do not recommend file uploads, but if needed, this will need to be discussed internally.

Limit and identify needed file types only.

Check all links are set to HTTPS protocol on ALL PAGES! Do not launch with mixed content.

Check custom fonts are set to HTTPS as well in Elementor Custom Fonts.

Do a final scan to check if there are still vulnerabilities if the domain checks out on Web Trust platforms.

See if the website checks out with Google Safe Browsing

Add the site to Google Search Console if possible.