I've had two WordPress blogs. That was at a time when I was doing virtually no online advertising, and until I found time to handle the situation (weeks later), these sites were penalized in the major search engines. They were not eliminated the evaluations were reduced.
The fix wordpress malware removal Codex has an outline of what permissions are acceptable. File and directory permissions can be changed either through an FTP client or within the page from your hosting company.
Use strong passwords - Do your best to use a password, alpha-numeric. Easy to remember passwords are also easy to guess!
Exclude pages - This plugin provides a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page won't appear in any listings of webpages (which includes, and is ordinarily restricted to, your webpage navigation menus).
Can go to this site you view that folder Imagine if you go to WP-Content/plugins? If so, upload that blank Index.html file into that folder as well so people can't see what plugins you might have. Because if your existing version of WordPress is current, if you're using an old plugin or a plugin using a security hole, someone can use this to get access.
The plugin should be updated play nice to remain current with the latest WordPress release and have WordPress cloning and restore capabilities. The read this ability to clone your website (in addition to regular copies ) can be helpful if you ever need to do an offline site redesign, among other things.