I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
fix wordpress malware protection will tell you that there is not any htaccess from the directory. You can put a.htaccess file if you wish, and you can use it to control access from IP address to the wp-admin directory or address range. Details of how to do this are easily available on the internet.
No software system is immune to bugs and vulnerabilities. Security holes will be discovered and bad guys will do their best to exploit them. Keeping your software up-to-date is a good way to stave off attacks, once security holes are found, because their products will be fixed by software sellers.
Exclude pages - This plugin adds a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page won't appear in any listings of webpages (which contains, and is ordinarily limited to, your page navigation menus).
As I (our untrue Joe the Hacker) know, people have way too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two blog logins, have a peek here FTP, internet hosting, etc. accounts which all include logins and passwords you need to remember.
These are a few of the things I do to secure my blogs. Fantastic thing is they don't require much time to do. These are simple solutions, which can be done easily.