It helped me although my first step isn't one you must take. I had a fantastic old style pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And I did what I should have done before I even started my website. And here is where I would like you to start also. Learn hacked. The thing about rename your login url to secure your wordpress website and why so many of us recommend because it is easy to learn it view website is. Unfortunately, that can be a detriment to the health of our sites. We need to learn how to put in a security fence around our site.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files from public view.
This is quite handy plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts when a certain number of attempts is reached.
Safety plug-ins can be considered as a complete security checker. They provide you with information concerning the probable weaknesses of the site and scan and check the entire website.
Of course it's possible to install plugins to make your shop more user-friendly like automated plugin or share buttons. That's all. Your store is now up and running!