fix wordpress malware protection Watch out form submissions. You can useRegexp to process the information . You can even define preloaded factors as type data in the kind of checkboxes, radiobuttons etc..
Protect your login credentials - Do not keep your login credentials where a hacker might locate them. Store them offsite, as well as offline. Roboform is very good for protecting them, too. Food for thought!
I don't think there is a person out there that after learning just how much of a problem WordPress hacking is that it is a good idea to Resources enhance the safety of their blogs. However is that when it comes to securing their blogs, bloggers seem to be stuck in this state that is reactive.
In addition to adding a secret key to your wp-config.php file, also consider altering your user password into something that is strong and unique. A great tip is to avoid phrases, use letters, and include numbers, although you will be told the strength of your password by wordPress. It's also a good idea to change your password frequently - say once.
Those are three very simple things you can do to keep WordPress secure without plugins. Put a blank Index.html file in your folders, run your web host security scan and backup your entire account.