I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Finally, installing the rename your login url to secure your wordpress website Scan plugin will check most of this for you, and alert you to anything that you might have missed. Additionally, it will tell you that a user named"admin" exists. Of course, that is the user name. You find instructions if you desire and can follow a link. I think that there is a password enough security that is good, and since I followed those steps, there have been no attacks on the several sites that I run.
Everything you have worked for will go with this should the server of your site go down. You will make no sales, get signups or no visitors to your site, until you get the website back up 32, and in short, you are out of business.
Keeping your WordPress site up-to-date is one of the simplest things you can do. For the past couple of versions, WordPress has included the ability to set up updates. A new update becomes available.
You could also get an SSL Encyption Security for your WordPress blogs. The SSL Security makes secure and encrypted communications with your blog. So that all view website transactions are recorded, you can keep the all of the cookies and history of communication. Be certain see page that all your blogs get SSL security for protection from hackers.
However, I recommend that you install the Login LockDown plugin as opposed to any.htaccess controls. That will stops login requests from being allowed from a certain IP-ADDRESS for an hour or so after three unsuccessful login attempts. You can reference access your admin cell while and yet you still have good protection against hackers if you accomplish this.