WordPress is one of the most popular blogging and content management platforms on the internet today. This also makes it a target for hackers. WordPress sites that are not kept up to date and follow some security precautions are easy prey for hackers. Just following a few changes can greatly improve the security of your blog. The more of these you apply, the more secure your site will be.
Always keep your WordPress installation up to date. Those newer version you see available also contain security updates to vulnerabilities that are discovered daily.
Use a strong password for your WordPress admin and for your hosting account. Never use the same password for both.
There are guides online on how to rename your wp-admin folder. The first thing any hacker would do is to try /wp-admin/ on a domain to see if it is a WordPress blog. Then that url can be a vector for long term brute force password attempts.
Change the default username from ‘admin’ to something unusual and that only you would know.
When setting up a WordPress site on basic hosting platforms, a defauly scheme is followed for the database name. Change it using the phpmyadmin provided and update the database name in the wp-config. This will also make it harder for hackers to guess the database name.