Some users put too much trust in the standard WordPress
installation. All too often, these users lack an understanding of
basic security, database management, or the dangers of excessive
plugin usage. Here are some simple steps to take to increase the
security and usability of your WordPress platform.
Often times users install WordPress via FTP without any security
enabled. Worse yet, key files and folders on your server may be
inadequately protected after being uploaded. To minimize possible
security problems, make sure to use your .htaccess file to protect
your wp-config file, which controls key aspects of your site, and
set up your folder permissions to prevent anyone from viewing
content best left out of the public eye.