Finally, installing the fix wordpress malware virus Scan plugin will check most of this for you, and alert you to anything that you might have missed. Additionally, it will tell you that a user named"admin" exists. Of course, that is the administrative user name. You find directions if you wish and can follow a link. I personally think that there is a password enough security that is good, and there have been no attacks on the several blogs that I run, since I followed those steps.
Everything you've worked for will proceed with this should your site's server return. You'll make no sales, get signups or no traffic to your website, until you have the site and in short, you're out of business.
There's a section of config-sample.php that's headed"Authentication Unique Keys." There are four definitions which appear within the block. There is a hyperlink inside that section of code. You need to enter that link in your browser, copy the contents which you visit homepage get back, and then replace the keys you have with the unique, pseudo-random keys provided by the website. This makes it harder for attackers to automatically generate a"logged-in" top article cookie for your website.
Note that you should try this step for new installations. You'll also need to change all the table names inside the database if you would like to get it done for installations.
Change your password, often, or at least your WordPress password and admin username and collect and use other good WordPress safety tips to keep hackers out!