I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Finally, fix malware problem will also inform you that there's not any htaccess inside the directory. You can put a.htaccess record into this directory if you would like, and you can use it to handle the wp-admin directory by Ip Address address or address range. Details of how you can do this are plentiful around the net.
Well, we are talking about WordPress but what's the feeling of performing security checks and upgrades if your own computer is at risk of hackers. There are malicious files which can encrypt key loggers. Regardless of what you do, they are easily able to access everything that you type on your keyboard when this happens. You can find a lot of good antivirus programs . Look for a antivirus program or ask experts.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. Definitely more, if you make additions and changes to your website. If you have a community of people which are in there all the time, or make changes multiple times a day, a daily backup should be a minimum.
Now we're getting into matters specific to WordPress. Whenever you install WordPress, you have to edit the file config-sample.php and rename it to config.php. You want to set up the database information there.
Oh . And incidentally, I was talking about plugins. When you get a new plugin, make sure it's a safe one. Don't install any plugin because the owner is saying that plugin will check my site help you do that or this. Maybe use get a software engineer to analyze it, or perhaps a test site to look at the plugin. This way you'll know it is not a threat for your organization or you.