Cloning your site is just another level in fix malware problem that can be useful. Cloning simply means that you have backed up your site to a completely different location, (offline, as in a folder, in order not to have SEO problems) where you can access it at a moment's notice if necessary.
I protect an access to important files on the blog's server by recommended you read placing an index.html file in the particular directory, which hides the files from public view.
Harness Scanner goes through the files on your site database, comment and post tables in search of anything suspicious. You are also notified by it for plugin names. It doesn't remove anything, it warns you for potential threats.
You can also make a firewall that blocks hackers. From coming into your files, the firewall prevents the hacker. You must also have version of Apache. Upgrade your PHP as well. It's important that your system is filled with upgrades.
Implementing all of the above will probably take less than an hour to complete, while creating your WordPress site much more resistant to intrusions. Over 1 million WordPress websites were last year, largely due to easily preventable safety gaps. Have yourself prepared and you're likely to be on the safe side.