There has been much written recently about hackers trying to attack WordPress sites so that they can use the server power for further wrong doing. If you follow the three simple steps below you will have your WordPress site setup so that it has better security than the vast majority of sites and therefore is less liked to be targeted.
Remove the admin account
The admin account is always going to be the target where hackers will start. Instead of using the default admin account create a new account with admin privileges and then delete the admin account. When you delete the original account WordPress will ask you if you wish to attribute any posts written as that account to another user. If you are not sure then just attribute them to the new user you have created as it is better to be safe than sorry.
Give your new admin account a complex password
A complex (or strong) password is a combination of upper and lower case letters and numbers. Avoid using a single word that would feature in a dictionary as these are easier to crack. So for instance things like “password”, “letmein” or “astonvilla” are too easy to get. Instead you should do something like “AVFC4ever” that way you have far less chance of it being cracked. Also passwords should be over eight characters long as the longer they are the harder they are to crack.
Make sure that WordPress is kept up to date with the latest version and that all plugins are kept up to date. That way any vulnerabilities that may have been present in older versions have been removed. I’d recommend checking at least once a week for updates although if you are blogging regularly it wont harm to keep up to date after you’ve written your latest blog post.