Cloning your site is another level in fix wordpress malware removal which may be very useful. Cloning simply means that you've backed up your site to a completely different visit our website location, (offline, as in a folder, so as to not have SEO issues ) where you can access it in a moment's notice if the need arises.
Use strong passwords - Do what you can to use a password, alpha-numeric. Easy to remember passwords are easy to guess!
1 thing you can take is to delete the default administrator account. This is critical because if you don't do it, a user name that they could attempt to crack is known by malicious user.
Take note of your new password to the next time you sign in! I recommend the version of the protected software *Roboform* to remember your passwords.
Always keep in mind the security of your sites depend on how you handle them. Be certain that you follow these basic tips to avoid exploits and hacks on your own blogs and sites.