Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear"above the fold" Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve - screaming logos and headers!
Since scare tactics seem to be what compels some people to take fix wordpress malware a bit more seriously, or at the very least start considering the issue, allow me to shoot a few scare tactics your way.
Hackers don't have the capability when you got all these lined up for your security, to come to your WordPress blog. You definitely can have a WordPress account which provides you big bucks from affiliate marketing.
You also need to set the"Anyone Can Register" in Settings/General to off, and you ought to have some type of spam plugin. Akismet is the one I use, the old standby, but there are lots of them these days.
Note that this last step for setups should only try. If you might like to do it for installations, you will also need to change of the table names inside the database.
Utilizing a plugin for WordPress security makes sense. Backups need to be carried out on a regular basis. Do not become my blog a victim as a result of not being proactive about your own site!