Start working through the steps in FAQ My site was hacked. Even if you cannot login to WP, you can modify files via FTP or your hosting control panel. See Resetting Your Password for other ways to regain access to WP.
At the same time, try to use cloudflare to make the hack harder to crack in which it also confuse the cracker. When he bring it down, while the original content is still cache in cloudflare.
Website Hacking can be controlled by using SSL certificate which provides a secure web access and avoids these hacking process.
SSL certificate does not proven your site is secure because it just provide a secure layer which make is hard to intercept using Man In Middle attack thus it does not close the vulnerability already found within the web applications / software. Beside keep up to date all your wordpress,plugins and application, perhap you may consider harden your wordpress in which some plugins are able to do it. The harden process does not guarantee that you are bulletproof. Security is a continuous process.
@viscosity : I agree with you and accept your points on security . I oppinion is certificates are one of te security option or features to get safe gaurded.
SSL certicate is only an option which cover only the communication layer, thus you must apply known update to cover the application layer. Don’t take internet security for granted because it keep moving.
Thanks, brothers I’m really grateful for that