What exactly is WordPress cloning and why is it an extremely useful tool to have in your webmaster's bag? Most individuals think this is a shady technique for duplicating sites to garner more link love and rankings, and while that may have been true (and useful!) At one time, this is an endeavor.
The repair hacked wordpress site Codex has an outline of what permissions are okay. Directory and file permissions can be changed either through an FTP client or within the page from your hosting company.
Also, don't make the mistake of thinking that your hosting company will have your back so far as WordPress copies go. Not always. It's been my experience that the hosting company may or might not be doing proper backups, while they say that they do. Take that kind of chance?
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it if it can't be found in the root directory. Also, nobody else will have the ability to read the document unless they have FTP or SSH access to your server.
Can you see that folder what if you go to WP-Content/plugins? If so, upload this blank Index.html file inside that folder as well so people can't view what plugins you have. Because even if your current version of WordPress is up to date, if you're using a plugin or an old plugin using a security hole, someone can use that to get access.
Of course it's possible to set up read the full info here plugins to make your shop like backup plugin or share buttons. That's all. Your shop is now up and running!