Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
Let me shoot a couple of scare tactics your way since scare tactics appear to be what drives some people to take fix hacked wordpress site a little more seriously, or at the very least start considering the issue.
Protect your login credentials - Do not keep your login credentials where a hacker might locate them. Store them offsite, and even offline. Roboform is i was reading this for protecting them good look at this web-site . Food for thought!
You first need to create a new user with administrator rights, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all the information you need to enter.
So what's the best way? Out of all the choices that are available right now, which one is appropriate for you personally and which route should you choose?
However, I advise that you set up the Login LockDown plugin as opposed to any.htaccess controls. That will stops login requests from being allowed from a certain IP-ADDRESS for an hour or so after three failed login attempts. It is still possible to access your admin mobile while from your workplace, and yet you still have protection against hackers if you accomplish that.