There are countless blogs all over the Internet. Money is being made by some of us and some don't. Many of the bloggers use WordPress at the moment. You need to make certain that your blog is protected.
My first step isn't one you must take but I was helped by it. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I started my website. And here is where I want you to start as well. Learn hacked. The thing about fix wordpress malware plugin and why so many people recommend it is because it is so easy to learn. That can be a detriment to the health of our websites. We need to learn how to add a security fence around our site.
I protect an access to important files on the blog's server by putting an index.html file in the particular directory, that hides the files out of public view.
Keep control of your online assets - Nothing is worse than getting your livelihood in somebody else's hands. Why take chances with something as important as your site?
You may extend the plugin features with premium plugins such as: Amazon S3 plugin, Members only plugin, DropShop more info here etc.. I think you can use it and this plugin is a fantastic option.
However, I recommend that you set up the Login LockDown plugin instead of any.htaccess controls. From being permitted after More Info three unsuccessful login attempts from a specific IP address for an hour login requests will stop. You can still get into the original source your panel whilst away from your office, and yet you still have good protection against hackers if you do that.