My first step isn't one you have to take but it helped me. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did before I started my site, what I should have done. And here is where I would like you to start. Learn hacked. The thing about fix wordpress malware virus and why so many of us recommend because it is easy to learn, it is. Unfortunately, that is also a detriment to the health of our sites. We have to learn how to put in a security fence.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, which hides the files out of public view.
I don't think there's a person out there that after learning how much of a problem WordPress hacking is that it's a good idea. However is that when it comes to securing their blogs, bloggers seem to be stuck in this state.
In addition to adding a secret key to your wp-config.php file, also think about altering your user password to something that is strong and unique. A great tip is to avoid common phrases, use upper and lowercase letters, and include numbers, although wordPress will let you know the strength of your password. It's also a good idea to change your password frequently - say once.
Change your password, frequently, or your WordPress admin and password web username and collect and use other fantastic WordPress security tips to keep hackers out!