Since scare tactics appear to be what compels some people to take how to fix hacked wordpress a little more seriously, or at least start considering the issue, let me shoot a scare tactics your way.
It will start with the basics. Attempt using passwords. Use spaces, numbers, special characters, and letters and combine them to create a special password. You can also use.
Keep your WordPress Setup to date - One of the simplest and most valuable tasks you can do yourself is to make sure your WordPress installation is upgraded. WordPress gives you a notice on your dashboard, so there's really no reason to not do this.
Now a knockout post we're getting into matters specific to WordPress. You have to rename it to config.php and modify the file config-sample.php, when you install WordPress. You will need to deploy the database facts there.
Just make sure which you may schedule, and you choose a plugin that is current with the version and release of WordPress, restore and replicate.