Cloning your site is just another degree in fix wordpress malware attack that can be useful. Cloning simply means that you've backed up your website to a totally different place, (offline, as in a folder, so as to not have SEO issues ) where you can get it in a moment's notice if necessary.
You can look for software that will backup your database and files. If your website is hacked by hackers, it is easy to restore your website with the use of your backup files and change everything that has to be changed.
Keep control of your assets that are online - Nothing is worse than getting your livelihood in the hands of somebody else. Why take chances with something as important as your site?
Another step to take to make WordPress secure is to always upgrade WordPress to the latest version. informative post The main reason for this is that there come fixes for security holes that are older which makes it essential to update early.
However, I recommend that you install the Login LockDown plugin instead of any.htaccess controls. Login requests will stop from being allowed from a specific IP address for one hour after three failed login attempts. If you do so, you can access your panel while away from your office, and yet you have protection against hackers.