...
When possible, inactivate the user 1, as this is the user with the greatest privileges and very often bypasses all Drupal security layers. Use regular users with administrator
role instead, especially on already launched websites.
5. Use Drupal security modules
...