I have had two WordPress blogs. That was at a time when I was doing almost no online marketing, and until I found time to deal with the situation (weeks later), these sites were penalized at the main search engines. They weren't eliminated the evaluations were reduced.
Since scare tactics appear to be what drives some people to take repair hacked wordpress site a bit more seriously, or at the very least start thinking about the problem, let me shoot a scare tactics your way.
Basically, it will all start with the fundamentals. Try using complex passwords. Use numbers, letters, special characters, and spaces and combine them to make a password that is unique. You can also use usernames that are not obvious.
Recently, the blog of Reuters was murdered by an unknown hacker and published a news article that was fake. Due to what the hacker did since Reuters is a news website, their reputation is already ruined. In the event you don't pay attention on the security of your WordPress 20, the linked here same thing may happen to you.
Black and pathological-looking phrases that were whitelists based on which area they appear inside. (unknown/numeric parameters vs. known post bodies, comment bodies, etc.).
However, I recommend that you install the Login LockDown plugin as opposed to any.htaccess controls. Login requests will be ceased by that from being permitted from a specific IP-ADDRESS for an hour or so after three failed login attempts. You can still access your admin mobile while and yet you have protection against hackers, if you accomplish this.