Via using a fix wordpress malware protection backup plugin, the best way to ensure that your is in my view. This is a relatively inexpensive, easy and elegant to use way to make sure your site is available to you in the event of a disaster.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files out of public view.
Keep your WordPress Setup to date - One of the easiest and most valuable tasks you can do yourself is to ensure that your WordPress installation is upgraded. WordPress gives you a notice on your dashboard, so there's really no reason not to do this.
In addition to adding a secret key to your wp-config.php document, also consider altering your user password into something that's strong and unique. WordPress will let you know the strength of your password, but a great idea is to avoid phrases, use letters, and include amounts. It's also a good idea to change your password regularly - say once every six months.
Oh . And by the way, I was talking about plugins. Make sure it's a secure one, try here when you get a plugin. Don't install any plugin just because the owner web link is saying on his site that plugin will help you do that or this. Use a test site to check the plugin, or maybe get a software engineer to examine it. This way isn't a threat for you or your business.