I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
how to fix hacked wordpress site will tell you that there's not any htaccess in the wp-admin/ directory. You may put a.htaccess file within this directory if you desire, and you can use it to control access to the directory or address range. Details of how to do that are available on the internet.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files out of public view.
You also need to place the"Anyone Can Register" in Settings/General to off, and you ought to have some sort of spam plugin. Akismet is the old standby, the one I use, but there are lots of them these days.
So what's the best way? Out of all the possible choices that are available today, which one is right for you personally and which route go should you choose?
There is. People know where they can login and additionally they could just visit your login form and try a different combination of user accounts and passwords out. In order to stop this from happening you want to set up Login Lockdown. It check out this site is a plugin that only allows users to try and login with a password three times. Following that the IP address will be banned from the server for a specific amount of time.