I back my blogs frequently using a plugin WP DB Backup up. I can restore my blog to the settings if anything happens. I use WP Security Scan plugin that is free to scan my site frequently and WordPress Firewall to block suspicious-looking requests to fix wordpress malware fix.
If you're among the proactive ones, I might find it a little harder to crack your password. But if you're among those ones that are responsive, I might get you.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. Definitely if you make changes and frequent additions to your site. If you make changes multiple times every day, or have a community of people look at more info which are in there all the time, a backup should be a minimum.
So what's the best way to achieve WordPress cloning? Out of all the possible choices that are available today, which one is right for you personally and which path should you choose?
The plugin should be updated play nice to stay current with the latest WordPress release and have WordPress and restore capabilities. The ability to clone your site (in addition to regular backups) can be useful if you ever want to do an offline website redesign, among other things.