We will explain whether or not hacking (tampering and malware infection) can be prevented if you convert your WordPress site to SSL (HTTPS).

In conclusion, just because a site has been converted to SSL, it does not prevent hacking and tampering at all!

SSL (HTTPS) encrypts the communication between the server where the website data resides and the browser.

This means that data is retrieved along the way by Wifi relay devices or data transmission between servers, and only the person connecting to the server will know what data the user sent (request) and what results the server returned.

However, this does not prevent hackers from attacking. The reason is that SSL does not prevent brute force attacks and vulnerability attacks, which are the most common methods of WordPress tampering.

(The most common way to gain administrative privileges is through a brute force attack.

SSL can prevent WordPress login information from being obtained in the process and the password for administrator privileges from being compromised.

However, the WordPress administrator privilege is taken by a brute force attack, in which a hacker uses a tool to repeatedly perform tens of thousands of login operations using commonly used passwords until he or she hits the target.

Vulnerability attacks cannot be prevented by SSL

SSL is only an encryption of data transmission, so even if a hacker checks your site for vulnerabilities, uses the vulnerabilities to send unauthorized data to tamper with your site, or writes a backdoor into your server, it will still go through.

Preventing vulnerability attacks requires either plugging the vulnerability or running a security system that detects and intercepts vulnerability attacks.

What does it mean to use SSL?

So what are the security implications of going SSL?
SSL is not meaningless, as it increases the confidentiality of data transmitted by you and your users by encrypting the transmission.

Specifically, SSL is the most effective way to prevent the following types of information from being exchanged and leaked on the site
Transmission of login IDs and passwords
Transmission of personal information such as address
Transmission of credit card information, etc.

SSL is also said to give users of a site a sense of security and preferential treatment by search engines.
It is recommended that both site SSL and security measures be taken.

Reference
Five free WordPress security measures
Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].