I've had two WordPress blogs hacked into previously. That was in a time when I was doing virtually no online marketing, and until I found time to deal with the situation (weeks later), these sites were penalized at the main search engines. They were not eliminated, however the ratings were reduced.
Install the fix wordpress malware Firewall Plugin. This plugin investigates net requests with straightforward WordPress-particular heuristics to identify and stop most obvious attacks.
Also, don't make the mistake of thinking that your web host will have your back as far as WordPress copies go. Not always. It's been my experience that the company may or might not be doing proper backups while they say that they do. Why take that kind of chance?
Maintain control of your online assets - Nothing is worse than having your livelihood in the hands of somebody else. Why take chances with something as important as your site?
Now we're getting into things. You have to rename it to config.php and alter the file config-sample.php, when you install WordPress. You need to deploy the database facts there.
When your site is new, you do not always consider needing security but you do have to protect yourself and your investment. Having a site go down and not having the ability to restore it can mean a loss of customers who can't find you and probably won't remember to look for important site your website later. Don't let that happen to you. Back up your site as soon as continue reading this you get it started, as the site is operational, and schedule backups for as long. This way, you'll have peace and WordPress security of mind.