Year and a half taught us that WordPress security shouldn't be dismissed by any means. Between 15% and 20% of the world's high traffic websites are powered by WordPress. The fact it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
Cloning your website is another degree in fix wordpress malware fix which may be very useful. Cloning simply means that you've backed up your website to a totally different location, (offline, as in a folder, so as to not have SEO problems) where you can get it in a moment's notice if necessary.
Hackers don't have the capability to come to a WordPress blog when you got these lined up for your own security. You definitely can have a WordPress account that provides you big bucks from affiliate marketing.
Maintain control of your assets that are online - Nothing is worse than getting your livelihood in the hands of somebody else. Why take chances with something as important as your website?
Now we are getting into matters index specific to WordPress. You have to rename it to config.php and modify the file config-sample.php, when you install WordPress. You need to deploy the database facts there.
However, I recommend that you install the Login LockDown plugin as opposed to any.htaccess controls. Login requests will helpful hints be ceased by that from being allowed from a for an hour or so after three failed login attempts. You can access your admin mobile while and yet you have good protection against hackers, if you accomplish this.