What exactly is WordPress cloning and why is it a very useful tool? Most individuals think this is a dishonest technique for copying websites to garner more link love and rankings, and while that might have been accurate (and useful!) This is an endeavor.
secure your wordpress site will even tell you that there's not any htaccess in the directory. You can put a.htaccess file within this directory if you wish, and you can use it to control access to the directory or address range. Details of how to do that are easily available on the internet.
Also, don't make the mistake of believing that your web host will have your back so far as WordPress backups go. Not always. It's been my experience that the company may or might not be doing proper backups, while they say that they do. Why take that kind of chance?
Yes, you need to do regular backups of your website. I recommend at least a weekly database backup and a monthly "full" backup. More, if possible. Definitely, if you make changes and regular additions to your site. If you make changes multiple times a day, or have a community of people which are in there all the time, a daily backup click to investigate should be a minimum.
It is really sexy to fan the flames of fear. That is what bloggers and journalists and politicians and public figures do. It's great for readership and it brings money to the war chests. Balderdash.
I prefer to use a WordPress plugin to get the job done. Just make sure the plugin you select is in a position to do select backups, has restore performance, and can replicate. Also be sure it is often updated to keep pace with all new versions of WordPress. There is no use in not working, and backing up your data to a plugin that's out of date.