I don't know about you, but I researched to find out what others do to maintain their blog secure, and when I secured my WordPress site, I found so much information I was completely confused. And some of the information was actually on the top or superstitious. People told me rename this folder to rename this file and set up these ten plugins. It seemed to be a lot of energy and work.
Cloning your site is just another level in rename your login url to secure your wordpress website which may be useful. Cloning simply means that you have backed up your site to a completely different place, (offline, as in a folder, so as not to have SEO problems) where you can get it in a moment's notice if necessary.
Don't depend on your internet host - Many people depend on their web host to"do all that technical stuff for me", not realizing that sometimes, they don't! Far better to have the responsibility lie with you, instead of out.
Move your wp-config.php file one directory up from the WordPress root. WordPress will search for it there if it cannot be found in the main directory. Also, nobody will have the ability to read the file unless they've SSH or FTP access.
Now we are getting Bonuses into things. Whenever you install WordPress, you have to edit the file config-sample.php and rename it to config.php. You need to install the database details there.
Of course it's possible to install more plugins to make your shop more user friendly like automated backup plugin next page or share buttons. That's all. Your shop is up and running!