Unfortunately even on the Internet there is always someone out to get you.
Here are a few Simple Tips to Secure your WordPress Blog/Website.

1. Secure your .htaccess file – Chmod your .htaccess from 644 -to- 444.
   Adding this code to your .htaccess file can improve the security of your WordPress Installation.
   # Block WordPress wp-config.php requests
<files wp-config.php>
order allow,deny
deny from all
</files>
# END protect wp-config.php
   AND
   # Block WordPress xmlrpc.php requests
<files xmlrpc.php>
order deny,allow
deny from all
</files>
# END protect xmlrpc.php
2. Disabling Comments – There are many methods to disable comments, though we would recommend that you use a plugin that is actively developed to do so, you can always just turn comments off in the Settings section of the WordPress Dashboard.
3. Secure wp-config.php – As above we have stated that you needed to add code to your .htaccess to keep your install secure, you must also Chmod your wp-config.php from 644 -to- 444.
4. Use Loginizer Security Plugin – The Loginizer Security Plugin can be installed with WordPress on our Servers using Softaculous, Loginizer aides and prevents hackers/spammers from bruteforcing their way into your WordPress Installation.
5. Updates – Like it or not we all have to update our Web Site eventually, but in the case of WordPress keep your WordPress Install, Plugins, and Themes up to date! Again you can do so on our Servers by clicking Advanced Settings in Softaculous when you start a WordPress Installation.