Finally, fix wordpress malware virus will tell you that there's no htaccess in the directory. You can put a.htaccess file into this directory if you desire, and you can use it to control access from IP address to the directory or address range. Details of how to do that are available on the net.
A simple way to maintain WordPress safe would be to use a few tools that are built-in. First of all, do not allow people run a web host security scan, to list blog the files in your folders and automatically backup your web hosting account.
Is to delete the default administrator account. This is important because if you index do not do it, a user name which they could try to crack is already known by malicious user.
Now we are getting into things. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You need to set up the database details there.
The plugin should be updated play nice with all your plugins, to remain current with the latest WordPress release and have WordPress and restore capabilities. The ability to clone your site (along with regular copies ) can be useful if you ever need to you could try these out do an offline website redesign, among other things.