Being Smart About SecurityI have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
It helped me although my first step is. I had a fantastic old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And I did what I should have done before I even started my site. And here is where I would like you to start as well. Learn hacked. The beautiful thing about how to fix hacked wordpress site and why so many people recommend it is because it is easy to learn. That can also be a detriment to the health of our sites. We need to learn how to put in a security fence around our site.
Don't make the mistake of believing that your web host will have your back as far as WordPress backups go. Not always. It has been my experience that the company may or may not be doing proper backups while they say that they do. Take that kind of chance?
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it if it cannot Look At This be found in the main directory. Also, nobody else will be able to read the document unless they have FTP or SSH access.
Another step to take to this website make WordPress more secure is to always upgrade WordPress to the latest version. The reason for this is that with each new upgrade there also come fixes for security holes that are old making it essential to upgrade early.
However, I recommend that you install the Login LockDown plugin in place of any.htaccess controls. Login requests will stop from being allowed from a specific IP address for an hour after three unsuccessful login attempts. You may still get into your panel whilst away from your workplace, and yet you still have good protection against hackers if you do that.