My blog was recently hacked through an unsecured plug-in, WP-Forum. Since the incident, I noticed a lot of other WordPress blogs were also hacked. I decided to do some research to learn how to secure my WordPress installation and I came across a very useful WordPress security whitepaper that you can download from blogsecurity.net for free. It is technical but I recommend that anyone who owns a WordPress blog to read it because there are quite a lot of useful information that you can implement on your blog and secure it from hackers.
What is in the whitepaper?
Other posts that might interest you:
Tips from Matt Cutts to protect WordPress installation
Upgrade to WordPress 2.3.2 to fix urgent security flaw
Web site hacked
a tech junkie and a software developer.
a apple fan and an avid photographer.
a frequent traveller and loves art and graphic novels.
Just to share on my experience as a web administrator:
Been running website using Joomla almost 3years; have not experience any hack to all my sites till now…
Current site on Joomla:
http://www.caring2u.com.my
http://caring2u.com.my/rx/
(with forum module for pharmacists)
http://www.pharmd.com.my
&
http://pharmd.com.my/lspj87/
In addition on making sure that the WP files are updated and changing the password on a regular basis, I also use Login LockDown plugin for wordpress.
It adds some extra security to WordPress by restricting the rate at which failed logins can be re-attempted from a given IP range.