Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
I was helped by it although my first step is not one you must take. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And then I did what I should have done before I started my website. And here is where I want you to start also. Learn how to protect yourself until you get hacked. The thing about fix hacked wordpress site and why so many of us recommend it is because it is really easy to learn. That can be a detriment to the health of our sites. We have to learn how to put in a security fence around our site.
Use strong passwords - Do your best to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it if it cannot be found in the main directory. Also, nobody will be able to read the document unless they have FTP or SSH access to your server.
Note that you should only try this last look at this site step for new installations. You have to change the table names within the database, if you might like to get it done for existing installations.
Using a plugin for WordPress security just makes sense. Backups will need to be carried out on a regular basis. Don't become a victim as a result of not being proactive about your site!