clean hacked wordpress site Watch out form submissions. You can useRegexp to process the data . You can also define preloaded variables as type data in the form of checkboxes, radiobuttons etc..
Truth is, if a competent master of this script targets your own website, there is really no way. What you are about to read below are a few precautionary actions you can take to quickly minimize the risk. If your WordPress site is well protected odds are a hacker would prefer picking simpler victim, look what i found another.
Move your wp-config.php file up one directory from the WordPress root. WordPress will look for it there if it cannot be found in the root directory. Additionally, nobody will have the ability to read the file unless they've FTP or SSH access.
You could get an SSL Encyption Security to your WordPress blogs. The SSL Security makes secure and encrypted communications with your blog. You can keep the all the cookies and history of communication so that all transactions are listed. Make sure that all your sites get SSL security for maximum protection from hackers.
Software: If you've installed free scripts search Google for'wordpress security'. You'll get tips.