repair hacked wordpress site Watch out form entries. You can useRegexp to process the data . You can even define preloaded variables as form data in the form of checkboxes, radiobuttons etc..
Strong passwords - Do what you can to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Yes, you want to do regular backups of your website. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. If you make additions and changes definitely more. If you make changes multiple times every day, or have find out here now a community of people which are in there all the time, a daily backup should be a minimum.
What if you go to WP-Content/plugins, can you view that folder? If so, upload this blank Index.html file inside that folder as well so people can't see what plugins you might have. Because even if your version of WordPress is up to date, if you're using an old plugin or a plugin using a security hole, someone can use this to get access.
Oh . And incidentally, I was talking about plugins. Make sure it's a safe one, when you get a plugin. Don't install any plugin because the owner is saying that plugin can help you do that or this. Maybe use a test site to check the plugin, or maybe get a software engineer to analyze it. This way isn't a threat for you or your organization.