Last year and a half educated us that WordPress security should not be taken lightly by any means. Between 15% and 20% of the planet's high traffic websites are powered by WordPress. The fact that it is an Open Source platform and everybody has access to its Source Code makes it a tempting prey for hackers.
There's a portion of config-sample.php that's headed'Authentication Unique Keys.' Four explanations that appear within the block will be found by you. A hyperlink is rename your login url to secure your wordpress website within that section of code.You copy the contents which you return must enter that link in your browser, and change the keys you have with the special, pseudo-random keys given by the website. That makes it harder for attackers to rapidly generate a'logged-in' dessert for your website.
The more powerful approach, and the one I recommend, is to use one of the creation and storage plugins available for your browser. RoboForm is liked by people, but I think after a trial period, you need to pay for it. I use the free version of Lastpass, and I recommend it for those who use Internet Explorer or Firefox. That will generate secure passwords for you.
You should also place the"Anyone Can Register" in Settings/General to away, and you should have some sort of spam plugin. Akismet is the old standby, the one I use, but there are many of them these days.
Black and whitelists phrases based on which field they look within. (unknown/numeric parameters vs. known post bodies, remark bodies, etc.).
But realize that online security is something that you must start thinking about. Don't only be the type that is reactive, take steps to start protecting yourself today. Don't let Joe the Hacker make your life miserable and turn his response all that you've worked so hard.