There is a part of config-sample.php that is headed'Authentication Unique Keys.' You will find. A hyperlink is fix hacked wordpress within that part of code.You copy the contents which you return, must enter that link in your browser, and change. This makes it harder for attackers to rapidly create a'logged-in' dessert for your site.
This is great news because it means that there's a strong community of users and developers who can enhance the platform. Whenever there is a group there'll always be people who will try to take down them.
Should you ever want to important site migrate your website elsewhere, such as a new hosting company, you'd have the ability to pull this off without a hitch, and also without having to disturb read what he said your old site until the new one was in place and ready to roll.
Along with adding a secret key to your wp-config.php document, also consider changing your user password to something that's strong and unique. WordPress will tell you the strength of your password, but a good idea is to avoid phrases, use letters, and include amounts. It's also a good idea to change your password regularly - say once.
Those are three things you can do to keep WordPress safe without plugins. Set a blank Index.html file in your folders, run your web host security scan and backup your whole account.