Here are a few simple tips on how to secure your WordPress installation.
1. Update, Update, Update – It can be a pain to update WordPress installations, plugins, and themes because your website may not function or look the same, but these updates often times contain security patches that will make your site less vulnerable to attack.
2. No More Admins – When making a clean WordPress install, pick another username for your admin to make it more difficult for hackers to break in.
3. Create Strong Passwords – This is an obvious one, but one of the most important. It is a good rule of thumb to create a password of at least 8 characters with upper and lowercase letters and numbers. To make it even more secure add punctuation!
4. Use Better WP Security – This is a fantastic plugin that allows you to perform a multitude of different functions including: Changing your table prefixes, securing your .htaccess file, stopping brute force attacks, and changing your login page. If you are going to have one security plugin, this is it!
5. Deactivate Plugins – If you aren’t using a plugin, make sure to at least deactivate it. Plugins may contain security flaws that make your site vulnerable to an attack, and it would be silly to risk a security breach over a plugin you don’t even use.
Following these simple 5 steps will make your site more secure than the vast majority of WordPress installations and will send hackers scurrying away, looking for easier targets.