I have had two WordPress blogs. That was in a time when I was doing virtually no online advertising, and until I found time to handle the situation (weeks later), these sites were penalized in the main search engines. They were not eliminated, no matter how the evaluations were reduced.
Finally, secure your wordpress website will inform you that there is no htaccess inside the directory. You can put a.htaccess record in to this directory if you would like, and you can use it to handle this wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the net.
Everything you have worked for will go with it, should the server of your site return. You'll make no sales, get signups or no visitors to your site, until you get the site back up again and in short, you are out of business.
You should also place the"Anyone Can Register" in Settings/General to off, and you should have some sort of spam plugin. Akismet is the one I use, the old standby, but there are lots of them nowadays.
Now we are Source getting into matters specific to WordPress. You must rename it to config.php and modify the file config-sample.php, when original site you install WordPress. You need to deploy the database facts there.
Just ensure that you can schedule, and you website link decide on a plugin that is current with release and the current version of WordPress, restore and clone.