Last year and a half educated us that WordPress security should not be dismissed by any means. Between 15% and 20% of the planet's high traffic sites are powered by WordPress. The fact that it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
Files can easily get lost if you don't have good protection on your website. A few of those files might be stored on your computer and easily replaceable, but what about the rest of them? If you lose the first time to them where are you going to get them out of again? Especially fix wordpress malware scanner is very important. Often sites have a lot of data and have created a number of documents. Recreating all that would be a nightmare, and not something any business owner would like to do.
Do not depend on your Web host - Many men and women depend on their web host to"do all that technical stuff for me", not realizing that sometimes, they don't! Far better to have the responsibility lie instead of from your control.
It's a WordPress plugin. They are drop dead simple to install, have all the features you need for a job such as navigate to this site this, and are relatively inexpensive, especially when compared to having to hire someone to get this done for you.
Now we are getting into matters. You must rename it to config.php and modify the file config-sample.php, when you install WordPress. You need to deploy the database facts there.
Do your homework and some searching, but if you're pressed for time and want to get this done once and for all, try the WordPress safety plugin that I use. It is a relief to know that my website (and company!) are secure.