Since scare tactics appear to be at least start thinking about the problem, or what compels some people to take fix malware problems free a bit more seriously, allow me to shoot a few scare tactics your way.
Protect your login credentials - Do not keep your login credentials where a hacker might find them. Store them off, as well as offline. Roboform is very good for protecting them, too. Food for thought!
There is a section of config-sample.php that's headed"Authentication Unique Keys." There are four definitions that appear within the block. A hyperlink is within that section of code. You want to enter that link into your browser, copy the contents which you get back, and then browse around these guys replace the keys you have with the unique, pseudo-random keys offered by the site. This makes it harder for attackers to automatically create a"logged-in" cookie for your website.
Make a note of your password! I suggest the paid or free version of the software *Roboform* to remember your passwords.
There important link is. see this People know they could just drop by with your login form and where they can login and try a different combination of passwords and user accounts out. So as to stop this from happening you need to install Login Lockdown. It's a plugin that only allows users to try and login with a password three times. Following that the IP address will be banned from the server for a specific amount of time.