By default, the newest version of WordPress is pretty secure. Anything which may have been added to some how to fix hacked wordpress plugins has been considered by the development team of WordPress . Before, WordPress did have holes but now most of them are stuffed up.
Also, don't make the mistake of thinking that your hosting company will have your back so far as WordPress copies go. Not always. It has been my experience that the company may or may not be doing proper backups, while they say they do. Why take that kind of chance?
Keep your WordPress Installation up to date - One of the easiest and most valuable tasks you can do yourself is to ensure that your WordPress installation is upgraded. WordPress provides you a notice on your dashboard, so there is really no reason.
Install the WordPress Firewall Plugin. Prevent and this plugin investigates web requests address with WordPress-specific heuristics that are simple to identify attacks.
However, I advise that you set up my response the Login LockDown plugin as opposed to any.htaccess controls. Login requests will be ceased by that from being allowed from a for an hour or so after three unsuccessful login attempts. It is still possible to access your admin cell while from your office, and yet you still have great protection against hackers Read Full Article if you accomplish this.