You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
It helped me although my first step isn't one you must take. I had a good old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I started my website. And here is where I want you to start. Learn how to protect yourself until you get hacked. The thing about fix wordpress malware virus and why so many of us recommend it is because it is easy to learn. That is also a detriment to the health of our sites. We need to learn how to put in a security fence.
Protect your login credentials - Don't keep your login credentials where a hacker could news find them. Store them offsite, and even offline. Roboform is good for protecting them, too. Food for thought!
Maintain control of your assets that are online - Nothing is worse than getting your livelihood in the hands of someone else. Why take chances with something as important as your website?
It's really sexy to fan the flames of fear. That's what bloggers and journalists and politicians and public figures mostly do. It's terrific for readership and it brings money to the war chests. Balderdash.
However, I recommend my explanation that you install the Login LockDown plugin in place of any.htaccess controls. This will stop login requests from being permitted from a specific IP address for an hour after three failed login attempts. If you do so, you can still get into your admin panel while and yet you still have good protection against hackers.