fix wordpress malware attack will also tell you that there is not any htaccess in the directory. You may put a.htaccess file into this directory if you wish, and you can use it to control access from IP address to the directory or address range. Details of how to do that are easily available on the internet.
No software system is immune to bugs and vulnerabilities. Security holes will be discovered and click this men will do their best to exploit them. Keeping your software up-to-date is a good way once security holes are found because their website here products will be fixed by reliable software vendors.
Yes, you need to do regular backups of your website. I recommend at least a weekly database backup and a monthly "full" backup. More. If you can try this out you make regular additions and changes definitely more. If you make changes multiple times a day, or have a community of people which are in there all the time, a daily backup should be a minimum.
Make a note of your new password! I recommend the version of the software that is secure *Roboform* to remember your passwords.
Just make sure which you may schedule, and you decide on a plugin that's current with release and the version of WordPress, restore and replicate.