There are millions of blogs. Money is being made by some people and some do not. Many of the bloggers use WordPress at the moment. You need to make sure that your blog is secure.
My first step isn't one you have to take but it helped me. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I started my website. And here is where I want you to start. Learn hacked. The attractive thing about fix wordpress malware and why so many people recommend because it is easy to learn, it is. That can be a detriment to the health of our sites. We need to learn how to put in a safety fence.
A simple way is to use a few tools. To begin with, don't allow people run a web host security scan, to list the files in your folders and automatically backup your entire web hosting account.
Exclude pages - This plugin provides a checkbox,"include this page in menus", which can be checked by default. If you uncheck it, the page will not appear in any listings of webpages (which contains, and is ordinarily limited to, your webpage navigation menus).
Imagine if you visit WP-Content/plugins, can you see that folder? If so, upload that blank Index.html file inside that folder as well so people can't view what plugins you might have. Because even if your existing version of WordPress is current, if you are using a plugin or an old plugin using a security hole, someone can use that to get access.
Oh . And by the way, I talked about plugins. When you get a new plugin, make sure it's a safe one. Don't install any plugin because the owner websites is saying on his website that plugin can help you do this or that. Maybe use get a software engineer to analyze it, or maybe a test site to check the plugin. This way you'll know it is not a threat for you or your business.