There's a portion of config-sample.php that is led'Authentication Unique Keys.' Four explanations that appear within the block will be found by you. There is a hyperlink how to fix hacked wordpress site inside that part of code.You change, copy the contents that you return, and have to enter that link into your browser. That makes it harder for attackers to create a'logged-in' dessert for your site.
Protect your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them off, and even offline. Roboform is for protecting them good , too. Food for thought!
I don't think there is a person out there that go right here after learning how much of a problem WordPress hacking is that it is a good idea. Something I've noticed over the years is that when it comes to securing their blogs, bloggers seem to be stuck in this reactive state.
Install the WordPress Firewall Plugin. This plugin investigates web requests with WordPress-specific heuristics that are easy to recognize and stop obvious attacks.
However, I recommend that you install the Login LockDown plugin in place of any.htaccess controls. From being permitted after three unsuccessful login attempts from a specific IP address for one hour, login requests will stop. If you do that, you can still access your admin panel while away from your office, and yet you internet still have great protection against hackers.