Cloning your website is just another level in rename your login url to secure your wordpress website that can be useful. Cloning simply means that you have backed up your site to a totally different place, (offline, as in a folder, in order to not have SEO problems) where you can get it at a moment's notice if necessary.
Is also significant. You want to backup database and all the files you can bring your site back like nothing.
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it there if it cannot be found in the root directory. Additionally, nobody will have the ability to read the document unless they have SSH or FTP access to your server.
Another step to take to make WordPress secure is to always upgrade WordPress to the latest version. The main reason for this is that why not find out more there also come fixes for old security holes making it essential to update.
Oh . And by the way, I talked about plugins. When you get a plugin, make sure it's a secure one. Don't install any plugin just because the owner is saying on his site that plugin can help you do this or that. Maybe link use perhaps, or a test blog to look at the plugin get a software engineer to examine it. This way is my link not a threat for your business or you.