My first step isn't one you have to take but it helped me. I had a good old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And I did before I even started my site, what I should have done. And here is where I would like you to start as well. Learn hacked. The thing about secure your wordpress site and why so many of us recommend it is because it is really easy to learn. Unfortunately, that is also a detriment to the health of our sites. We have to learn how to add a safety fence.
Safeguard your login credentials - Don't keep your login credentials where a hacker might locate them. Store them off, as well as offline. Roboform is very good for protecting them, too. Food for thought!
Harness Scanner goes through the files on your website database, comment and sites place tables. It informs you for plugin names. It does not remove anything, it warns you for potential threats.
Another step to take to make WordPress secure is to upgrade WordPress. The main reason for this is that with each update there come fixes for security holes that are older which makes it essential to update early.
But realize that online security is. Do not just be the type, consider steps to begin today, protecting yourself. Do not let Joe the Hacker make your life miserable and turn all in creating come crashing down in a matter of seconds, that you've worked hard.