I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
By default, the newest version of WordPress is pretty darn secure. Anything which may have been added to any secure your wordpress website plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but most of them are filled up.
Protect your login credentials - Do not keep your login credentials where a hacker could locate them. Store them off, click for more and even offline. Roboform is very good for protecting them, too. Food for thought!
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it if it cannot be found in the root directory. Also, nobody else will be able to read the file unless they've FTP or SSH access.
Install the WordPress Firewall Plugin. This plugin investigates web requests with heuristics to identify and prevent obvious attacks.
I prefer using a WordPress plugin to see this here get the job done. Make sure the plugin you select is able to do backups that are select, has restore performance, and can clone. Be sure that it is frequently updated you could try these out to keep pace. There's absolutely not any use in backing your data up and not working.