Install the fix wordpress malware Firewall Plugin. This plugin investigates requests with heuristics that are straightforward to recognize and stop most obvious attacks.
Safeguard your login credentials - Don't keep your login credentials where a hacker might locate them. Store them offsite, as well as offline. Roboform is good for protecting them, too. Food for thought!
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it if it cannot be found in the main directory. Also, nobody will have the ability to read the document unless they have SSH or FTP access to your server.
Now we're getting into things. Whenever you install WordPress, you have to edit the file config-sample.php and rename it to config.php. You want to install the database information there.
Do your homework and some hunting, but if you're pressed for time Find Out More and need to get this try the WordPress security plugin that I use. It's a relief to know that my site (and business!) are secure.