There is a portion of config-sample.php that's headed'Authentication Unique Keys.' Four explanations that appear within the block will be found by you. There's a hyperlink how to fix hacked wordpress site within that section of code.You change the keys you have with the special keys given by the website, copy the contents that you return, and must enter that link into your browser. That makes it harder for attackers to create a'logged-in' dessert for your website.
There are numerous ways to pull off this, and a lot of them involve copying and FTPing files, exporting and re-establishing databases and more. Some of these are very complex, so it's important that you select the best one. Then you might want to check into using a plugin for WordPress backups if you are not of the persuasion that is technical.
Exclude pages - This plugin provides a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page won't appear in wikipedia reference any listings of webpages (which contains, and is ordinarily restricted to, your page navigation menus).
You can create a firewall that blocks hackers. The hacker is linked here prevented by the firewall from coming into your files. You also have to have version of Apache. Upgrade your PHP. It is essential that your system is always full of upgrades.
Implementing all the above will probably take less than an hour to complete, while creating your WordPress site more resistant to intrusions. Over 1 million WordPress websites were this past year, largely due to easily preventable safety gaps. Have yourself prepared and you are likely to be on the safe side.