Finally, fix wordpress malware attack will inform you that there's no htaccess inside the directory. You can put a.htaccess record into this directory if you want, and you can use it to manage usage of this wp-admin directory from Ip Address address or address range. Details of how you can do that are plentiful around the net.
Truth is, there is actually no way to prevent an intrusion, if your own site is targeted by a master of this script. Everything you are about to read below are some precautionary measures you can take to quickly minimize the risk. If your WordPress site is well protected odds are a hacker would prefer picking easier victim, another.
First in line is currently creating a smarter password this hyperlink for your account. Passwords must be made with numbers and characters. You can combine them and make plus altered letters. Smarter passwords can be your gateway to zero hackers. Make passwords that you can think of.
Black and pathological-looking phrases that were whitelists based on which field they look inside, in a page request. (unknown/numeric parameters vs. known article bodies, remark bodies, etc.).
Do your homework and some searching, but if you are pressed for time and need to get this done once and for all, try out the WordPress safety plugin that I use. It's a relief to know that my website (and business!) are secure.