As of today, WordPress is already powering 48 of the blogs on the Internet. Aside from this, WP is powering 19% of the net as a whole. It means when they need instant creation of websites and blogs, that a lot of people trust WordPress.
Finally, installing the fix wordpress malware attack Scan plugin alert you that you might have missed, and will check all this for you. It will also inform you that a user named"admin" exists. That is the administrative user name. You find instructions if you wish and can follow a link. Personally, I think that there is a password good enough security, and there have been no successful attacks on the sites that I run because I followed those steps.
I protect an access have a peek at this site to important files on the site's server by putting an index.html file in the particular directory, that hides the files out of public view.
Move your wp-config.php file one directory up from the WordPress root. WordPress will look for it there if it cannot be found in the root directory. Also, nobody else will be able to read the file unless they have SSH or FTP access to your server.
You can extend the published here plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. So I think this plugin is a good choice and you can use it.
Implementing all of the above will probably take less useful reference than an hour to complete, while creating your WordPress site more resistant to intrusions. Over 1 million WordPress sites were last year, mainly due to preventable security gaps. Have yourself prepared and you are likely to be on the safe side.