In my opinion, the best way to ensure your WordPress security is via using a clean hacked wordpress site backup plugin. This is a fairly inexpensive, easy and elegant to use way to be certain that your site is available to you in the event of a disaster.
Backup plug-ins is also significant. You need to backup database and all the files you can bring back your blog like nothing.
There is a section of config-sample.php that is headed"Authentication Unique Keys." There are. There's a hyperlink inside that part of code. You want to enter that link in your browser, copy the contents which you return, and then replace the keys you have with the unique, pseudo-random keys offered by the site. This makes it harder for attackers to automatically generate a"logged-in" cookie for your website.
Can you see that folder what if you go to WP-Content/plugins? If so, upload this blank Index.html file inside that folder as well so people can't see what plugins you might have. Because even if find more info your current version of WordPress is current, if you're using an old plugin or a plugin using a security hole, someone can use that to get access.
Change admin username and your WordPress password, or at least your password and collect and use good WordPress safety tips to keep hackers out!