Cloning your site is just another degree in fix wordpress malware which can be very useful. Cloning simply means that you have backed up your site to a completely different place, (offline, as in a folder, in order to not have SEO issues ) where you can get it in a moment's notice if the need arises.
Don't depend on your Web host - Many men and women depend on their web host to"do all discover this that technical stuff for me", not realizing that sometimesthey do not! Far better to have the responsibility lie instead of out.
For me it's a WordPress plugin. They're drop dead easy to set up, have all the features you need for a job such as this, and are relatively cheap, especially when compared to having to hire navigate here someone to have this done for you.
You can extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think you can use it and this plugin is a good option.
However, I recommend that you set up the Login LockDown plugin in place of any.htaccess controls. Login requests will stop from being permitted from a certain IP address for one hour after three unsuccessful login attempts. You may still get into your panel whilst away from your workplace, and yet you have great protection against hackers, if you do that.