secure your wordpress website Watch out form submissions. You may usethe information to be processed by Regexp . You can even define preloaded variables as form data in the form of checkboxes, hop over to these guys radiobuttons etc..
Backup plug-ins is also significant. You need to backup database and all the files so in the event of a sudden attack, you can bring back your own site like nothing happened.
Exploit Scanner goes through the files on your website database, comment and place tables seeking anything suspicious. It also notifies you for plugin names. It doesn't remove anything, it warns you for threats.
Can you view that folder, what if you go to WP-Content/plugins? If so, upload that blank Index.html file inside that folder as well so people can't view what plugins you might have. Someone can use this to get access because if your current version of WordPress visit here is current, if you're using a plugin or an old plugin using a security hole.
I prefer using a WordPress plugin to get the job done. Just make sure that the plugin you select is able to do select copies, has restore and can clone. Also be sure that it is frequently updated to keep pace with all versions of WordPress. There's absolutely not any use in not working, and backing up your data to a plugin that's out of date.