Cloning your site is just another degree in fix wordpress malware protection that may be very useful. Cloning simply means that you've backed up your site to a completely different location, (offline, as in a folder, so as not to have SEO problems) where you can get it at a moment's notice if necessary.
No software system is immune to vulnerabilities and bugs. Security holes will be found and guys will do their best to exploit them. Keeping your software up-to-date is a good way once security holes are found because their products will be fixed by software sellers that are reliable.
Exclude pages - This plugin provides a checkbox,"include this page in menus", which can be checked by default. If you uncheck it, the page will not appear in any listings of pages (which contains, and is usually limited to, your page navigation menus).
Now we're getting into matters. You must rename it to config.php and alter the file config-sample.php, when you install WordPress. You need to deploy the database facts there.
When your website is new, you don't always consider needing security but you do have to protect your investment and yourself. Having a site go down and not having the ability to restore it can mean a big loss of consumers who probably won't remember to look for your website again later and can't find you. Don't let this happen to you. Back up your site after you get it started, as the website is operational, and schedule frequent backups for as long. That way, you reference will have peace and WordPress security of mind.