There is a part of config-sample.php that is headed'Authentication Unique Keys.' You will find four explanations that appear within the block. A hyperlink is fix wordpress malware fix within that section of code.You change the keys you have with the specific keys supplied by the website, copy the contents which you return, and have to enter that link into your browser. That makes it harder for attackers to quickly create a'logged-in' dessert for your site.
I protect an access to important files on the blog's server by putting an index.html file in the particular directory, that hides the files out of public view.
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it if it cannot be found in the root directory. Additionally, nobody else will be able to read the document unless they've SSH or FTP access.
Another step to take to make WordPress secure is to always upgrade WordPress to the latest her latest blog version. The reason behind this is that there come fixes for older security holes which makes it essential to upgrade.
But realize that security is something you must start thinking about. Don't only be the reactive type, consider action to start protecting yourself. Don't let Joe the Hacker make your life miserable and turn everything that you've worked so hard.