Install the fix malware problems free Firewall Plugin. Quit and this plugin investigates requests to identify obvious attacks.
Don't make the mistake of thinking that your hosting company will have your back so far as WordPress backups go. Not always. look at this now It's been my experience that the company may or may not be doing proper backups while they say they do. Take that kind find out of chance?
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it if it cannot be found in the main directory. Additionally, nobody else will have the ability to read the file unless they have FTP or SSH access to your server.
Whitelists pathological-looking phrases and black based on which area they appear within. (unknown/numeric parameters vs. known post bodies, remark bodies, etc.).
Just make sure that you can schedule, and you choose a plugin that is current with the version and release of WordPress, restore and replicate.