Cloning your site is another degree in how to fix hacked wordpress site that can be very useful. Cloning simply means that you have backed up your site to a totally different location, (offline, as in a folder, in order to not have SEO issues ) where you can get it in a moment's notice if the need arises.
Truth is, if a master of this script targets your own website, there is actually no way to prevent an intrusion. Everything you are about to read below are some actions you can take to minimize the risk. Odds are a hacker would prefer picking easier victim, another, if read what he said your WordPress site is protected.
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it there if it cannot be found in the main directory. Also, nobody else will have the ability to read the document unless they've FTP or SSH access to your server.
Now we're getting into matters specific to WordPress. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You need to install the database details there.
Always bear in mind that the safety of your blogs depend on how you handle them. Be sure that you follow these strategies to prevent view hacks and exploits on websites and your own blogs.