Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
There is a part of config-sample.php that's headed'Authentication Unique Keys.' You will find four explanations that appear within the block. There's a hyperlink secure your wordpress site within that section of code.You change, copy the contents that you return, and have to enter that link into your browser. That makes it harder for attackers to rapidly create a'logged-in' dessert for your site.
Safeguard your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them off, and even offline. Roboform is for protecting them good , too. Food for thought!
Keep your WordPress Installation up to date - One of the easiest and most valuable tasks you can do yourself is to make sure your WordPress installation is upgraded. WordPress gives a notice on your dashboard to you, so there is really no reason not to do this.
Can you view that folder what if you visit WP-Content/plugins? If so, upload that blank Index.html file into that folder as well so people can not see what plugins you have. Someone can use this to get access because even if your version of WordPress is up to date, if you're using a plugin or an official statement old plugin using a security hole.
Always keep in mind the security of your sites depend on how you handle them. Be sure that you follow these tips to prevent hacks and exploits on your own blogs and websites.