When I was in college, one of my business instructors told us students that one of the greatest barriers to making money in business was procrastination.
Finally, fix hacked wordpress will tell you that there is no htaccess in the directory. You may put a.htaccess file within this directory if you desire, and you can use it to control access by IP address to the wp-admin directory or address range. Details of how to do this are available on the net.
If you're one of the proactive ones, I might find it a little more difficult to crack your password. But if you're among the ones, I might get you.
Exploit Scanner goes through the files on your site comment database and post tables. It notifies you for plugin names that are odd. It does not remove anything, it simply warns you.
Note that you should try this step for new installations. You have to change of the table names inside the database if you might like to get it done for installations.
There is another problem you have with WordPress. People always know they also could click for more info just visit with your login form and where they can login and try outside a different combination of passwords and user accounts. In order to prevent this from happening you want to set up Login Lockdown. It is a plugin that allows users to try and login with a wrong password three times. After that the great sitebest site IP address will be banned from the server for a specific timeframe.