Cloning your website is just another degree in fix wordpress malware which may be very useful. Cloning simply means that you've backed up your website to a completely different place, (offline, as in a folder, so as not to have SEO issues ) where you can get it at a moment's notice if the need arises.
Essentially, it will all start with the basics. Attempt using complex passwords. Use spaces, numbers, special characters, and letters and combine them to create a password that is special. You could also use usernames that are not obvious.
You also need hop over to here to set the"Anyone Can Register" in Settings/General to away, and you should have some type of spam plugin. Akismet is the one I use, the old standby, but there are lots of them nowadays.
You can also make a firewall that blocks hackers from infiltrating your blogs. The firewall prevents the hacker. You must also have version of Apache. Upgrade your PHP. It's important that your system is full of upgrades.
Oh . And by the way, I talked about plugins. Make sure it's a safe one, when you get a plugin. Do not install any plugin simply because the owner is saying that click this plugin can help you do this or that. Maybe use get a software engineer to analyze it, or maybe a test blog to check the plugin. This way you'll know it is not a threat for your business or you.