You want to get rid of those (standard) ugly urls. Like https://stijnbernaer.com/?p=1. You rather want to have a url as https://stijnbernaer.com/this-is-an-awesome-post
Change default Tagline & Site Title
Remove the “Hello world” post and the “Sample Page” page.
Make sure your “Display name publicly as” is a recognizable name (you can change that the way you want it to be displayed).
Language / Location
Configure that to the language/region that is most relevant to your main audience.
Fav icon is the icon one sees typically when you have multiple tabs open.
Also it’s often shown in the Google Search Results.
Enough reasons to change the default WordPress icon into a more professional looking one.
Btw if you don’t have inspiration, just use a letter as favicon.
Quick way: open canva, chose 512×512 pixels as dimensions and add one or more ltters with a color that stands out.
Contact your lawyer for the legal side of things.
I always make sure the admin users don’t have a trivial usernames. Absolutely avoid the username admin but also like your first name or a combination of your first/last name.
Robots are intelligent enough to auto-guess a set of usernames. So I always generate a random username.
Off course your password needs to be strong as well.
Ssl / Certificate
Make sure you have a valid certificate installed.
I tend to use Let’s Encrypt (which is free) or use the built-in certificate of Cloudflare (which has also a free version).
I use “UpdraftPlus WordPress Backup Plugin” and also configure it so a backup goes regularly to my Dropbox account.
Manage Cookies / Pixels plugin
Broken Link Checker
Install your preferred theme. Mine is Divi.
Delete all unnecessary themes.
General (independent of WordPress)