Cloning your website is another degree in clean hacked wordpress site that may be very useful. Cloning simply means that you have backed up your website to a totally different place, (offline, as in a folder, so as to not have SEO problems) where you can get it at a moment's notice if necessary.
You can search for software that will backup your files and database. You can easily restore your site by means of your files and change, if hackers abruptly hack your website.
You should also set the"Anyone Can Register" in Settings/General to away, and you ought to have some sort of spam plugin. Akismet is the one I use, the old standby, but there are many of them these days.
Imagine if you visit WP-Content/plugins, can you view that folder? If so, upload that blank Index.html file into that folder as well so people can not see what plugins you have. Because if your existing version of WordPress is up to date, if you're using an old plugin or a plugin with a security hole, someone can use this to get access.
Of course you can install more plugins to make your shop like share buttons or go to this site automatic plugin. That's all. Your store is up and running!