fix wordpress malware removal will inform you that there is no htaccess within the directory. You may put a.htaccess record in to this directory if you would like, and you can use it to handle the wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the net.
Backup plug-ins is also significant. You need to backup database and all the files you can bring back your own blog like nothing.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if at all possible. Definitely if you make additions get more and changes to your site. If you have a community of people which are in there all the time, or make changes multiple times a day, a backup should be a minimum.
Make a Visit Website note of your new password to the next time you sign in! I recommend the paid or free version of the software *Roboform* to remember your passwords.
Do your homework and some searching, but if you are pressed for time and need to get this done once and for all, try the WordPress security plugin that I use. click site It is a relief to know that my website (and business!) are secure.