Finally, fix malware problem will inform you that there is not any htaccess within the directory. You may put a.htaccess record in to this directory if you would like, and you can use it to manage usage of this wp-admin directory from Ip Address address or address range. Details of how you can do that are plentiful around the net.
Essentially, it will all start with the fundamentals. Attempt using complex passwords. Use numbers, letters, special characters, and spaces and combine like this them to make a unique password. You can use usernames that are not obvious.
It's a WordPress plugin. They are drop dead simple to set up, have all the functions you need for a job such as go to my site this, and are relatively inexpensive, especially when compared to having to employ someone to get this done for you.
Now we are getting into matters specific to WordPress. You must rename it to config.php and modify the document config-sample.php, when you install WordPress. You need to set up the database facts there.
Utilizing a plugin for WordPress security only makes great sense. WordPress backups will need to be performed on a regular basis. Do not become a victim of not being proactive about your site because!