Since scare tactics seem to be what compels some people to take fix wordpress malware virus a little more seriously, or at least start thinking about the issue, allow me to shoot a scare tactics your way.
Use strong passwords - Do your best to use a strong password, alpha-numeric. Easy to remember passwords are also easy to guess!
There is a section of read config-sample.php that is headed"Authentication Unique Keys." There are four definitions that appear within the block. There's a hyperlink inside that part of code. You want to enter that link into your browser, copy the contents that you get back, and then replace the keys you have with the unique, pseudo-random keys offered by the website. This makes it harder for attackers to automatically create a"logged-in" cookie for your website.
Note that you should try this step for setups. You have to change of the table names within the database, if you would like to get it done for installations.
Free software: If you have installed scripts that are free such as Wordpress, search Google for'wordpress security'. You will get tips.