There is a portion of config-sample.php that's led'Authentication Unique Keys.' You will find four explanations that appear within the block. A hyperlink is fix wordpress malware protection inside that part of code.You change the keys you have with the pseudo-random keys supplied by the website, copy the contents that you return, and have to enter that link into your browser. That makes it harder for attackers to create a'logged-in' dessert for your website.
Also, don't make the mistake of thinking click now that your hosting company will have your back so far as WordPress backups go. Not always. It's been my experience that the company may or may not be doing proper backups, while they say that they do. Take that kind of chance?
A snap to move - If, for some reason, you need to relocate your site, like a domain name change or a new web host, getting your files at your fingertips can save you oodles of time, hassle, and the need for tech help.
Note that you should try this last step for new installations. You'll websites also have to change all of the table names inside the database if you would like to do it for existing installations.
However, I advise that you install the Login LockDown website link plugin in place of any.htaccess controls. From being permitted after three failed login attempts from a specific IP address for one hour login requests will stop. You may get into your admin panel while and yet you have protection against hackers, if you do so.