The most simple way to secure your Drupal website
1. Keep your Drupal core and contributed modules updated
Keep your Drupal version updated. Apply security patches as soon as they get released this way you avoid leaving your website exposed and vulnerable.
2. Install Drupal Security Modules
You can improve the strength of your Drupal website by adding some powerful Drupal security modules. This is an effective measure that you can easily implement.
Here is a short list of some modules:
3. Remove unused modules from your Drupal website
Identify those modules and remove them.
4. Block the access to the sensitive files
You can do this by configuring your .htaccess file. It is the one containing details of crucial importance regarding your website access and credentials.
Just specify the IP addresses allowed to access those core folders, files, and subdomains.
<FilesMatch "(authorize|cron|install|upgrade)\.php"> Order deny, allow deny from all Allow from 127.0.0.1 </FilesMatch>
5. Install SSL certificate
6. There are more ways to secure a Drupal website, more complicated and efficient
PS: Don't forget to make daily backups of your website.