Hackers are out there to try and hijack any kind of site. Your WordPress site will not be immune. Here is one free wordpress plugin that I recommend for added security. It is called Secure WordPress by WebsiteDefender.
Secure WordPress is a free WordPress plugin that helps secure your WordPress blog by reviewing key security functions. Hundreds of thousands of people already use the Secure WordPress plugin with great success to protect their blog content and visitors.
Key security features:
- Remove error-information on login-page.
- Add index.php plugin-directory (virtual).
- Add index.html to plugin directory.
- Remove the wp-version, except in the admin-area.
- Hide wp-version in backend-dashboard for non-admins.
- Remove Really Simple Discovery.
- Remove Windows Live Writer.
- Remove core update information for non-admins.
- Remove plugin-update information for non-admins.
- Remove theme-update information for non-admins (only WP 2.8 and higher).
- Block bad queries.
You don’t have to understand all these features to use it. It does all this stuff automatically. Basically, it makes it harder for hackers to get information they need to find out vulnerabilities in your site. What I like about this plug in, is that allows you to create a free account with website defender. They will monitor your site for malicious code and suspicious activity and email you the results.