There is a part of config-sample.php that's headed'Authentication Unique Keys.' You will find. A hyperlink is fix hacked wordpress within that part of code.You copy the contents which you return must enter that link into your browser, and change. This makes it harder for attackers to rapidly generate a'logged-in' dessert for your site.
This is great news as it means that there's a strong community of users and developers that could further improve the platform. Whenever there is a big group there will always be people who will attempt to find out here take down them.
Harness Scanner goes through the files on your site database, comment and place tables seeking anything suspicious. You are also notified by it for odd plugin names. It does not remove anything, it simply warns you for threats.
Whitelists pathological-looking phrases and black based on which area they look within. (unknown/numeric parameters click site vs. known post bodies, comment bodies, etc.).
However, I advise that you install the Login LockDown plugin as opposed to any.htaccess controls. That will stops login requests from being allowed from a for an hour or so after three failed login attempts. You can access your admin cell while from your office, and yet you have good protection against hackers if you accomplish that.