You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
Since scare tactics seem to be what compels some people to take fix wordpress malware plugin a little more seriously, or at the very least start considering the issue, let me shoot a scare tactics your way.
After spending a couple of days and hitting several spots around town, I eventually find a cafe which offers free, unsecured Wi-Fi and to my pleasure, there are tons of folks sitting around daily connecting their laptops to the"free" Internet service. I sit down and use my handy dandy Wi-Fi cracker tool and log myself into people's computers. Remember, they're all on a network that is shared.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. If you make changes and additions to your site, definitely more. If you have a community of people which are in there all the time, or make changes multiple times a day, a backup should be a minimum.
Note that you should only try this step for setups. You will also have to change of the table names inside the database, if you would like to do it for installations.
However, I advise that you set up the Login LockDown plugin instead of any.htaccess controls. From being allowed after three failed login attempts from a specific IP address for one hour login this hyperlink requests will stop. If you do that, you may still access your admin panel while away from your workplace, and yet you have protection against hackers.