2) Choose a theme suitable to your needs: portfolio, one page, magazine, blog, etc…
If you decide to use self hosting WordPress be sure to download themes (free or premium) from trustworthy sites. There are many sites that offers WordPress themes over official repository. To avoid use themes that includes malware code you can perform a check with the following plugins: Exploit Scanner, TAC, theme-check.
3) Use plugins that you only really need and that aren’t too heavy. Like for the themes be carefull about plugins from
untrustworthy sources.
The use of many plugins may slow down your site and it also use PHP memory, you can use the P3 plugin to monitor plugin performances currently used.
4) Increase WordPress default PHP memory limit setting using config.php file.
5) The security is never enough. If you use self hosting version you must use security plugins like Better WP Security, BulletProof Security, WP Security Scan; moreover password protect the administration area (wp-admin), many hosting control panels like cPanle allows to do it easily or you can do manually). Lastly but not last the protection against spam with Akismet plugin if you have comments enabled.
6) Optimize the site for SEO. Over adding the site to search engines like for example Google and Bing you must optimize it by enabling permalinks, by generating and adding a Sitemap for search engines (for example using Google XML Sitemap plugin) and use SEO plugins like All in one SEO Pack or WordPress SEO by Yoast.
7) Speed up the web site using a caching plugin like WP Super Cache or W3 Total Cache.
8) Do regular backups of all your WordPress files (for example you can do via FTP) and MySQL database (you can use plugins like WP-DBManager).