You're not alone. Me and many nice people here are willing to help.
Actually it's not as risky as it sounds if you have done enough preparations:
1. Make backup of your website.
Find and install a backup plugin. Remember, the things you need to backup are database and files. My suggestion is to use BackUpWordPress plugin. Once you backup your website, save it to your local computer. If you have backup, you can restore your website no matter what bad things happened, the success rate is nearly 100%. It's not hard to restore from backup, you may also ask your webhost, they usually will help you because it's really not hard to restore a website.
2. Save your .htaccess file.
Can you and do you know how to use File Manager (cPanel)? You should keep a copy of .htaccess file. The easiest way to do it is to make a copy of the file and rename it, I usually name it as .htaccessBackup.
3. Save your wp-config.php file.
Similar to the no. 2. You should keep a copy of wp-config.php using File Manager. Copy it and rename to for example wp-configBackup.php.
4. Don't enable the things you don't understand.
Once, you install and activate this Better WP Security plugin, you should not enable anything you don't understand. Most problems people do with this plugin, is to enable the features that's not compatible with their website or webhost environment.
5. Stay away with these feature, they're may be too risky:
- Away Mode (may block yourself)
- Content Directory (may cause problem with other plugins)
- Database Backup (may not compatible with some webhosts)
- Database Prefix (may cause problem with other plugins)
- File Change Detection (may not compatible with some webhosts)
- SSL (can cause chaos if you don't know what it is)
6. Those above (no. 5) should be avoid, have great potential to break your website. Here below are less potential, you may try but only enable it one-by-one and leave it for some days to examine if your website still working correctly:
- Default Banned List (may block some good bots)
- Filter Request Methods (compatible problem with a few plugins)
- Filter Suspicious Query Strings (compatible problem with a few plugins)
- Prevent long URL strings (compatible problem with a few plugins)
7. Enable only one at a time.
Avoid to enable several features at once. You should enable only 1 and leave it for some days to see if something weird will happen.
On most cases, even it breaks your website, it can be easily repair by copy/paste your .htaccess and wp-config.php. So you should keep a copy of them before you install this plugin. Only on very rare cases, you will need to use backup files to restore your website.