I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Installing the secure your wordpress site Scan plugin alert you that you may have missed, and will check most of this for you. It will also tell you that a user named"admin" exists. Needless to say, that is your user name. You find instructions if you wish and can follow a link. Personally, I think that there is a password good protection, and there have been no successful attacks on the numerous sites that I run because I followed these steps.
A simple way would be to use a few built-in tools. First of all, don't allow people run a web host security scan to list the documents in your folders and automatically backup your web hosting account.
First in line is currently creating a smarter password for your account. Passwords must be made with numbers and their explanation special characters. You make small plus shifted letters and may combine them. Smarter passwords can be your gateway to zero hackers. Make passwords that are difficult that only you can consider.
You can create a firewall that blocks hackers. From coming into your own files, try here the firewall prevents the hacker. You must have updated version of Apache. Upgrade your PHP also. It's essential that your system is always filled with upgrades.
Do your homework and some searching, but if you're pressed for time and want to get this try the WordPress safety plugin that I use. It's a relief to know that my website (and company!) are secure.