fix wordpress malware attack Watch out form submissions. You can usethe data to be processed by Regexp from forms. You can even define preloaded factors as form data in the form of checkboxes, radiobuttons etc..
Truth is, if a master of this script targets your own website, there is no way. What you are about to read below are some measures you can take to quickly minimize the risk. Odds are a hacker would prefer picking more easy victim, another if your WordPress site is protected.
Yes, you want to do regular backups useful source of your website. I recommend at least a weekly database backup and a monthly "full" backup. More, if possible. Definitely if you make changes and regular additions to your site. If you make changes multiple times every day, or have a community of people that are in there all the time, a backup should be a minimum.
Now we are getting into things. Whenever you install WordPress, you need to edit the file config-sample.php and rename it to config.php. You want to install the database information there.
I prefer using a WordPress plugin to get the job done. Make sure that the plugin you select is able to do select backups, has restore performance, and can replicate. Also be sure it is frequently updated to keep pace with all new versions of WordPress. There's absolutely no use in not working, and backing up your data to a plugin that's out of date.