Install Better WordPress Security:
http://wordpress.org/extend/plugins/better-wp-security/
More recommended tips for making WordPress more secure can be found here:
http://codex.wordpress.org/Hardening_WordPress
http://www.noupe.com/how-tos/wordpress-security-tips-and-hacks.html
http://www.wpsecuritychecklist.com/
You can also following the following steps to make your WordPress more secure:
Step 1
Create a backup of your 
site.
Step 2
Update 
WordPress Version
This is critical because WordPress issues updates that 
close security vulnerabilities; it's things like this that could keep your site 
healthy!
Step 3
Change Your 
Login/Password
The default WP username is "admin" and hackers know this. 
So you should change it to something more personal, such as "Mike79". Best thing to do is to add that new user and make it an admin the 
delete the original login of "admin"
Make sure you use a strong password, such as "8Uhj6%n.L"
Most hackers try to brute-force your passwords so if it is really strong you should be fine in that regard.
Step 4
Change your 
Wordpress Keys!
Many people overlook this step but it is an important one 
as these keys work as salts for cookies and ensure better encryption of 
data.
Use the WordPress Key Generator to generate mentioned keys. Now edit 
your wp-config.php file and fine the lines that look like:
| define(‘AUTH_KEY’, ‘put your unique phrase 
here’); define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’); define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’); define(‘NONCE_KEY’, ‘put your unique phrase here’); | 
Save and you're good to go.
Step 5
Install WP Security Scan
This plugin is great and makes securing your site simple. It scans for security vulnerabilities and informs you of any malicious code.
If the plugin shows your text as green you should be good. However, if they are not green you will have to fix the problem to make them green.
Step 6
Change Table Prefix
-- Warning! Make a backup of your database before continuing. --
The default prefix for a WP bsite is "wp_" This makes it so sql injection hacks are easy for the hacker because it is easy to guess.
A good prefix would be "march26_" or "magnol1a_" this is a highly recommended change and you can do this with the WP Security Scan Plug-in.
WP Security Scan has a tab called "Database". Once you open that tab you have the option to rename your entire prefix to something secure.
Step 7
Prevent WordPress hacks by blocking search engine spiders from indexing the admin area. Spiders crawl all over your site structure unless they are told not to, and we don't want that.
The easiest way to prevent spiders from indexing the admin area is to create a robots.txt file in your public_html folder with the following lines of code.
| # User-agent: * Disallow: /cgi-bin Disallow: /wp-admin Disallow: /wp-includes Disallow: /wp-content/plugins/ Disallow: /wp-content/cache/ Disallow: /wp-content/themes/ Disallow: */trackback/ Disallow: */feed/ Disallow: /*/feed/rss/$ Disallow: /category/* | 
Prevent .htaccess Hacks
.htaccess (hypertext access) is the default name of directory-level configuration file that provides decentralized management of configuration while inside your web tree.
.htaccess files are often used for security restrictions on a particular directory.
So let's secure your .htaccess!
First we want to protect the .htaccess file itself so add the following (Do this for all .htaccess files you have in root and or create)
| # STRONG HTACCESS PROTECTION order allow,deny deny from all satisfy all | 
Now lets secure your config.php by adding:
| # protect wp-config.php Order deny,allow Deny from all | 
| # disable directory browsing Options All -Indexes | 
| # protect from sql injection Options +FollowSymLinks RewriteEngine On RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] | 
| Order deny,allow Deny from all Allow from all | 
| # deny access to wp admin order deny,allow allow from xx.xx.xx.xx deny from all | 
