My first step is but I was helped by it. I had a fantastic old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And then I did what I should have done before I started my site. And here is where I want you to start. Learn how to protect yourself before you get hacked. The attractive thing about secure your wordpress website and why so many of us recommend because it is easy to learn it is. That is also a detriment to the health of our sites. We have to learn how to add a security fence around our site.
Don't make the mistake of thinking that your hosting company will have your back so far as WordPress copies go. Not always. While they say that they do, it has been my experience that the hosting company may or might not be doing backups. Why take that kind of chance?
I don't think there is a person out there that after learning just how much of a problem WordPress hacking is that it is a fantastic idea to enhance go to this website the security of their blogs. But something I've noticed through the years is that when it comes to securing their blogs, bloggers seem to be stuck in this reactive state.
As I (our untrue Joe the Hacker) know, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts which all include logins and passwords you need to remember.
There is another problem you have with WordPress. People know they could drop by with your login form and where they can login and try outside a different combination of user accounts and passwords. In order to prevent this from happening you want to install Login Lockdown. It's a plugin that allows users to try to login with a password three times. Following that the IP address will be banned from the server for a certain amount of time.