Keeping an old Mac with El Capitan safe

[InfiniteLoopy]

I have an old MacBook that won’t go beyond El Capitan. For the time being, it’s adequate for my needs as I mainly use an iPad.
I keep third party apps on the Mac to a minimum and avoid using it to surf online as I use the iPad for that. Even though I don’t use it to surf, some apps connect to the internet so I need to maintain a connection. What can I do to ensure it’s safe in this case? I thought of an anti-virus but it seems that they aren’t really recommended.
I’m just looking to secure an old MacBook from online threats that don’t come from direct surfing.

 

[Fishrrman]

I'd just use it and not worry about all kinds of nebulous "threats".
Run MalwareBytes on it once a day, just to be sure.

 

[ddmcnair]

To keep it safe:
1: Turn on your firewall.
2: Use Time Machine to keep a backup (step 1 of the 1-2-3 plan)
3. Keep on offline backup (step 2 of the 1-2-3)
4. Store an offline copy at a remote location (step 3 of the 1-2-3)
5. Understand that the older your config is, and the more hacking tools advance, the only surefire way to prevent a hacker from remotely accessing your vulnerable machine is to disconnect it from the internet when it does not need to be connected.

 

[InfiniteLoopy]

Thanks for the replies.

 

[MBAir2010]

i feel safer using my MacBook air 2010 for downloading apps and converting things than i would using something today.

 

[STS Australia]

You'll be fine, the two biggest threats you face are by giving your password to something malicious (human error) and Javascript phishing attacks (Firefox + NoScript works wonders for me.) The firewall is near useless, though turning it on won't hurt. The decent firewall (PF) is hidden by Apple by default.