By default, the latest version of WordPress is pretty darn secure. The development team of WordPress has considered anything which may have been added to any fix wordpress malware attack plugins. In the past , WordPress did have holes but most of them are stuffed up.
Backup plug-ins is also significant. You need to backup database view and all the files you can bring back your site like nothing.
A snap to move - If, for some reason, you want to relocate your site, like a domain name change or a new hosting company, having your files at your fingertips can save you oodles of time, hassle, and the need for tech help.
Can you view that folder Imagine if you visit WP-Content/plugins? If so, upload that blank Index.html file inside that folder as well so people can not view what plugins my review here you might have. Because if your version of WordPress is current, if you are using an old plugin or a plugin using a security hole, someone can use this to get access.
Change your password, or at least admin username and your WordPress password and collect and you can find out more use other WordPress safety tips to keep hackers out!