There are millions of blogs all over the Internet. Some of us are earning money through it and some do not. Many of the bloggers use WordPress at the moment. You will need to be sure that your blog is protected.
repair hacked wordpress site will also tell you that there is no htaccess from the directory. You can put a.htaccess file if you wish, and you can use it to control access to the directory or address range. Details of how to do this are available on the internet.
It all will start with the basics. Attempt using complex passwords. Use letters, numbers, special characters, and spaces and combine them to make a unique password. You could also use usernames that aren't obvious.
Keep your WordPress Installation up to date - One of the simplest and most valuable tasks you can do yourself is to ensure that your WordPress installation is updated. WordPress gives you a notice in your dashboard, so there is really no reason to not do this.
You may extend the plugin features with premium plugins such as: Amazon click now S3 plugin, Members only plugin, DropShop etc.. So I think this plugin is a good choice and you can use it.
However, I advise that you set up the Login LockDown plugin instead of any.htaccess controls. Login requests will stop from being permitted from a certain IP address for one hour. You may continue reading this still get into your admin panel while and yet you still have protection against hackers if you do so.