A half and year educated us that WordPress security shouldn't be taken lightly by any means. Between 15% and 20% of the planet's high traffic sites are powered by WordPress. The fact that it is an Open Source platform and everybody has access to its Source Code makes it a prey for hackers.
Finally, how to fix hacked wordpress will also tell you that there's not any htaccess from the wp-admin/ directory. You can put a.htaccess file if you desire, and you can use it to control access from IP address to the wp-admin directory or address range. Details of how to do that are easily available on the net.
Safeguard your login credentials - Don't keep your login credentials where a hacker could find them. Store them off, as well as offline. Roboform is for protecting them very good . Food for thought!
There's a section of config-sample.php that is headed"Authentication Unique Keys." There are. A hyperlink is within that section of code. You want to enter that link into your browser, copy the contents that you get back, and then replace the keys you have with the unique, pseudo-random keys offered by the website. This makes it harder for attackers to automatically generate a"logged-in" cookie for these details your site.
It's time use this individual's name and identity to pose as your buddy and to register for a Facebook account. Once I get it all set up, I'll be emailing you posing as your friend and asking you to be friends with me on Facebook (or Twitter, or whichever social site).
Implementing all the above will take less than an hour to complete, while creating your WordPress site more immune to intrusions. Over 1 million WordPress websites were last year, largely due to easily preventable security gaps. Have yourself prepared and my site you're likely to be on the safe side.