Most of the time word press based website have been hacked how. and they only replace index.php file how they enter in to the word press admin where is loop whole i want to resolve this issue
Shorter sentences would be helpful. I do not understand what you are saying. There are a number of ways that you could have been hacked. You could have given out your login credentials. You could be using a FREE theme that has malware in it (see my sigline). Maybe even your hosting is compromised.
Hii Dodger... when any website have been hacked why hackers changes only index.php .and how we can stop them i am using studio press and its Paid theme
Wordpress is a very safe platform. Hacked sites usually use faulty plugins or themes. As always, be careful in using hacked themes. Oftentimes, hackers create backdoors and callback functions to locate your site just easily.
They gotcha, eh. Well like I said before, they got a hold of your login credentials somehow. And there are a number of ways they could do that. It could be a plugin. It could be somebody knows your login and is messing with you. It could be an extension/plugin in your browser that is logging keystrokes. It could be shareware on your computer that is logging keystrokes. It can be a number of things. You need to scan your computer for nasties. Review your WordPress plugins and toss anything that is suspicious, not needed, or coming from unreliable sources (something not from WP.org). You need to change all of your passwords in MySQL, FTP, Hosting CP, Computer Login, and WordPress Admin Login. In general, you need to clean house!
Go to wordpress site and look for "security" plugins, download 2-3 of them and follow all the instructions. This should help a lot.