My first step isn't one you have to take but I was helped by it. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me) And then I did important site before I started my website, what I should have done. And here is where I want you to start as well. Learn hacked. The attractive thing about fix wordpress malware attack and why so many people recommend because it is really easy to site link learn it is. That can also be a detriment to the health of our sites. We have to learn how to add a safety fence.
Use strong passwords - Do your best to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
Is to delete the default administrator account. This is important because if you do not do it, a user name which they could attempt this content to crack is already known by malicious user.
Now we're getting into matters specific to WordPress. You must rename it to config.php and modify the document config-sample.php, when you install WordPress. You will need to deploy the database facts there.
These are a few. Fantastic thing is that they don't need much time to do. These are also options, which can be carried out.