Additionally, it is important to change your password and admin username if someone needs admin username and your password to login to perform the work and helps you with your blog. After all of the work is finished, admin username and your password changes. Someone in their business might not be, even if the person is trustworthy. Better to be safe than sorry!
It helped me although my first step is not one you must take. I had a good old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And I did what I should have done before I started my site. And here is where I would like you to start. Learn how to protect yourself before you get hacked. The thing about clean hacked wordpress site and why so many of us recommend because it is really easy to learn, it is. That can also be a detriment to the health of our websites. We have to learn how to put in a security fence around our website.
No software system is immune to bugs and vulnerabilities. Security holes will be found and bad men will do their best to exploit them. Keeping your software up-to-date is a good way once security holes are found, because their products will be fixed by software vendors.
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it there if index it can't be found in the main directory. Also, nobody will be able to read the file unless they've FTP or SSH access.
Note that you should try this last step for setups. You have to change all of the table names inside the database if you would like to get it done for installations.
Just ensure which you may schedule, and you choose a plugin that's up to date with release and the version of WordPress, restore and clone.