How viable would business or your website be if parts of your database were to simply disappear ? Let us look at what you need to do to execute how to fix hacked wordpress site cloning, and how it can help your overall WordPress security that is .
Also, don't make the mistake of believing that your web host will have your back so far as WordPress backups go. Not always. It's been my experience that the company may or may not be doing proper backups, while they say they do. Why take that kind of chance?
You also need to place the"Anyone Can Register" in Settings/General to off, and you ought to have some type of spam plugin. Akismet is the one I use, the old standby, but browse this site there are many of them these days.
You can also get an SSL Encyption Security for your WordPress blogs. The SSL Security makes encrypted and secure communications with your site. So that all transactions are listed, you can even keep the all the cookies and history of communication. Make sure that all your blogs get SSL security for maximum protection.
However, I advise that you set up the Login LockDown plugin instead of any.htaccess controls. Login requests will stop from being permitted after three failed login attempts from a specific IP address for one hour. You may get into your admin panel whilst away from your workplace, and yet you have protection against hackers, if you do that.