I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
Cloning your site is just another level in fix wordpress malware which may be very useful. Cloning simply means that you have backed up your site to a completely different location, (offline, as in a folder, so as not to have SEO problems) where you can get it at a moment's notice if necessary.
Truth is, if your own website is targeted by a master of the script, there is actually no way. What you are about to read below are a few precautionary measures you can take to minimize the threat. Odds are a hacker would prefer picking another victim if your WordPress site is well protected.
Keep control of your assets - Nothing is worse than getting your livelihood in the hands of somebody else. Why take chances with something as important as your site?
In addition to adding a secret key to your wp-config.php file, also consider altering your user password into something that is strong and unique. WordPress will let you know the strength of your check here password, but include amounts, use upper and lowercase letters, and a good idea is to avoid common phrases. It's also a good idea to change your password you could try this out regularly - say once.
Of course you can install more plugins to make your shop more user-friendly like share buttons or automatic backup plugin. That's all. Your store is now up and running!