You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
By default, the newest version of WordPress is pretty darn secure. Anything which may have been added to any fix hacked wordpress database plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but most of them are stuffed up.
I protect an access to important files on the blog's server by putting an index.html file in the particular directory, which hides the files from public view.
A snap to move - If, for some reason, you need to relocate your site, such as a domain name change or a new hosting company, getting your files at your fingertips can save you oodles of time, headache, and the need for tech help.
Along link with adding a secret key to your wp-config.php document, also think about altering your user password to something that's strong and unique. A good idea is to avoid phrases, use letters, and include numbers, although you will see be told the strength of your password by wordPress. It's also a good idea to change your password regularly - say once every six months.
Do not use wp_ as a prefix for your own databases. Web hosting providers are currently eliminating that default but if yours doesn't, fix wp_ to anything but that.