You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
Ultimately, fix wordpress malware virus will inform you that there is no htaccess inside the directory. You can put a.htaccess record in to this directory if you would like, and you can use it to handle this wp-admin directory by Ip Address address or address range. Details of how you can do this are plentiful around the net.
After spending a few days and hitting a few spots around town, I eventually find a cafe which offers free, unsecured Wi-Fi and to my pleasure, there are tons of folks sitting around each day connecting their laptops to the"free" Internet this service. I sit down and use my handy dandy cracker tool and log myself into people's computers. Bear in mind, they're all on a network.
One step you can take is to delete the default administrator account. This is critical because if you do not do it, malicious user know a user name which they could try to crack.
Along with adding a secret key to your wp-config.php document, also consider changing your user password to something that's strong and unique. WordPress will let you know the strength of your password, but a great idea is to avoid common phrases, use upper and lowercase letters, and include amounts. It's also a good idea to change your password regularly - say once.
I prefer using a WordPress plugin to get the job done. Just make sure is able to do select copies, has restore functionality, and can clone. Be sure that it is often updated to keep pace. There is not any use in not functioning, and backing your data up to a plugin that is out of date.