I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
I back up my blogs frequently using a free plugin WP DB Backup. If anything happens I will restore my blog. I use my site to be scanned by WP Security Scan free plugin and asks to be blocked by WordPress Firewall to how to fix hacked wordpress.
This is great news because it means that there's a community of developers and users who can enhance the platform. Whenever there's a group there will always be people who will try to take them down.
Move your wp-config.php file up one directory from the WordPress root. WordPress will look for it there if it can't be found in the main directory. Additionally, nobody will have the ability to read the file unless they have FTP or SSH access.
Safety plug-ins that were all-Rounder can be article considered as a security checker that was full. They check and scan the website and provide you with information concerning the probable weaknesses of the website.
However, I recommend that you set up the Login LockDown plugin instead of any.htaccess controls. That will stop login requests from being permitted from a certain IP address for one hour after three click this site unsuccessful login attempts. You may access your panel while and yet you still have protection against hackers if you do that.